Put your classes.zip in tomcat\common\lib
Regards
Guru
-Original Message-
From: Jiang, Peiyun [mailto:[EMAIL PROTECTED]
Sent: 21 April 2005 17:16
To: 'Tomcat Users List'
Subject: JDBCRealm Configuration
I got the Exception when starting tomcat. What's wrong with it?
Peiyun
I had similar problems, and was forced to revert back to Tomcat 5.0.x.
Are you using HTTP or Form-based authentication to get the user
credentials?
On Tue, 2005-03-08 at 11:57 -0700, Richard Mixon (qwest) wrote:
Has anything changed with the way that JDBCReal handles connection
timeouts in
We are using form-based authentication. We changed to the
DataSourceRealm last weekend and it appears (so far) to have solved the
problem (again with TC 5.5.7 plus session replication patch).
- Richard
Darren Govoni wrote:
I had similar problems, and was forced to revert back to Tomcat 5.0.x.
useful info. Thx. Have you actually tested your configure in
tc5.5.7/.8, i.e. Tomcat Manager app deploy/redeploy etc.?
-Original Message-
From: David Tonhofer, m-plify S.A. [mailto:[EMAIL PROTECTED]
Sent: March 10, 2005 5:55 AM
To: Tomcat Users List
Subject: Re: JDBCRealm changes from Tomcat
Juste pour info:
I have written up my DataSourceRealm with DBCP that I got working
before 02:00 this night (eww) into the DBCP Twiki. Not the best place,
but hey, might be useful:
http://wiki.apache.org/jakarta-commons/DBCP
Enjoy,
-- David
--On Wednesday, March 09, 2005 8:40 PM -0800 alexander
On Wed, 09 Mar 2005 17:39:21 -0800, alexander dosher [EMAIL PROTECTED] wrote:
and an
Engine
Realm className=org.apache.catalina.realm.DataSourceRealm
name=UserDatabase
and i get
java.lang.NullPointerException
at javax.naming.NameImpl.init
at javax.naming.CompositeName.init
Very useful info. Thx. Have you actually tested your configure in
tc5.5.7/.8, i.e. Tomcat Manager app deploy/redeploy etc.?
-Original Message-
From: David Tonhofer, m-plify S.A. [mailto:[EMAIL PROTECTED]
Sent: March 10, 2005 5:55 AM
To: Tomcat Users List
Subject: Re: JDBCRealm changes
Could any one who has tested it post his result? I am really frustrated by
the sometime buggy 5.5 releases and I had to revert to 5.0.28.
-Original Message-
From: Remy Maucherat [mailto:[EMAIL PROTECTED]
Sent: March 8, 2005 6:23 PM
To: Tomcat Users List
Subject: Re: JDBCRealm changes
On Wed, 9 Mar 2005 10:40:37 -0500, Phillip Qin
[EMAIL PROTECTED] wrote:
Could any one who has tested it post his result? I am really frustrated by
the sometime buggy 5.5 releases and I had to revert to 5.0.28.
You can also use the realms form 5.5.4, as they don't have problems.
The regressions
Phillip Qin [EMAIL PROTECTED]:
Could any one who has tested it post his result? I am really
frustrated by the sometime buggy 5.5 releases and I had to revert
to 5.0.28.
here's a summation of my experiences interpretations of answers from
the list, so far:
JDBCRealm (5.5.4): worked i think, but
alexander dosher wrote:
DataSourceRealm (5.5.7): doesn't work or is unconfigurable by me - i've
got a
Server
GlobalNamingResources
Resource type=javax.sql.DataSource name=UserDatabase
and an
Engine
Realm className=org.apache.catalina.realm.DataSourceRealm
name=UserDatabase
snip/
How
Hassan Schroeder makes my day:
How about something like:
(the correct answer)
YES, thank you. i had a resourceName instead of a dataSourceName in my
DataSourceRealm, left over from trying to use a UserDatabaseRealm, which
i didn't really understand and isn't even in the docs anymore anyway.
i'm getting the same problem, w/MySQL 4.1.8 3.1.6 connector (except my
error is Software caused connection abort rather than broken pipe -
but same underlying cause, MySQL timing out the connection).
autoReconnect doesn't work for me either. sounds like perhaps i should
bail on 5.5.* go to
On Tue, 08 Mar 2005 14:28:12 -0800, alexander dosher [EMAIL PROTECTED] wrote:
i'm getting the same problem, w/MySQL 4.1.8 3.1.6 connector (except my
error is Software caused connection abort rather than broken pipe -
but same underlying cause, MySQL timing out the connection).
autoReconnect
Richard Mixon (qwest) wrote:
We upgraded from Tomcat 5.0.19 to Tomcat 5.5.7 in production and are now
getting JDBC connection errors when the site has not been accessed for a
while. This is happening when a user tries to login - we use a
JDBCRealm to authenticate the user.
Would using the
On Tue, 08 Mar 2005 15:16:41 -0800, Hassan Schroeder
[EMAIL PROTECTED] wrote:
Richard Mixon (qwest) wrote:
We upgraded from Tomcat 5.0.19 to Tomcat 5.5.7 in production and are now
getting JDBC connection errors when the site has not been accessed for a
while. This is happening when a
, the longest inactive
period is usually about six hours.
- Richard
-Original Message-
From: Hassan Schroeder [mailto:[EMAIL PROTECTED]
Sent: Tuesday, March 08, 2005 4:17 PM
To: Tomcat Users List
Subject: Re: JDBCRealm changes from Tomcat 5.0.x to 5.5.x
Richard Mixon (qwest) wrote:
We upgraded
Remy,
Thanks - but where do I get the new class file?
- Richard
-Original Message-
From: Remy Maucherat [mailto:[EMAIL PROTECTED]
Sent: Tuesday, March 08, 2005 4:01 PM
To: Tomcat Users List
Subject: Re: JDBCRealm changes from Tomcat 5.0.x to 5.5.x
On Tue, 08 Mar 2005 14:28:12 -0800
On Tue, 8 Mar 2005 16:28:22 -0700, Richard Mixon (qwest)
[EMAIL PROTECTED] wrote:
Remy,
Thanks - but where do I get the new class file?
The Apache mail server, which, BTW, must be the worst mail server in
existence, chooses to let through all the viruses and spammers of the
world, but is
Richard Mixon (qwest) wrote:
Hassan, Could it be that you do not experience the long periods of
inactivity on weekends that we do?
No, I'm using this for both my own dev workbench and an intranet
server at the moment, and at the least they're idled out overnight.
So there's not enough
I'd be extremely glad if you could test this possibly fixed realm.
Replace the existing class in server/lib/catalina-optional.jar.
...
you have to either build it from CVS (which is easy) or get it from a
nightly build.
M. Maucherat,
thank you for the suggestion, but i'm not sufficiently (i.e. at
: Sunday, October 24, 2004 2:42 AM
Subject: Re: JDBCRealm
On Sat, Oct 23, 2004 at 07:05:58PM +0200, Roland Carlsson wrote:
: In the memoryRealm I can define groups with a set of roles so that I
don't
: have to give every user the same set over and over again. Is this
possible
: so solve
On Sun, Oct 24, 2004 at 11:58:29AM +0200, Roland Carlsson wrote:
: Well, since I can't find any way to configure the Admin to use anything but
: the Memory realm ( no way to change the realm class) so it seems like it's
: going to be hard to use it to administer the JDBCRealm.
Really? I figure
-
From: QM [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Sent: Sunday, October 24, 2004 2:45 PM
Subject: Re: JDBCRealm
On Sun, Oct 24, 2004 at 11:58:29AM +0200, Roland Carlsson wrote:
: Well, since I can't find any way to configure the Admin to use anything
but
: the Memory realm
On Sat, Oct 23, 2004 at 07:05:58PM +0200, Roland Carlsson wrote:
: In the memoryRealm I can define groups with a set of roles so that I don't
: have to give every user the same set over and over again. Is this possible
: so solve with the built-in JDBCRealm?
I can't say for certain, but I see
this myself, the more I like
it. For the most part it's transparent across containers.
-Original Message-
From: QM [mailto:[EMAIL PROTECTED]
Sent: Monday, October 18, 2004 10:01 PM
To: Tomcat Users List
Subject: Re: JDBCRealm authentication on every page
On Mon, Oct 18, 2004 at 11:41:51AM -0500
On Mon, Oct 18, 2004 at 05:59:59PM +0200, Diego wrote:
: Hi! I want to put a login form on all of my pages. I'm using Tomcat 5
: and JDBCRealm, and authentication is working fine when a user tries to
: access a protected resource. But I don't know how could I invoke
: manually JDBCRealm
QM,
I think, but this may need elaboration, that Deigo want's to put a login
box on all pages when the user has not authenticated and not show it after
login.
-Original Message-
From: QM [mailto:[EMAIL PROTECTED]
Sent: Monday, October 18, 2004 12:10 PM
To: Tomcat Users List
Subject: Re
On Mon, Oct 18, 2004 at 11:41:51AM -0500, Graff, David wrote:
: I think, but this may need elaboration, that Deigo want's to put a login
: box on all pages when the user has not authenticated and not show it after
: login.
Ah, gotcha. Instead of showing a login box, what about a login *link*
: I was trying to find an example application using the JDBCREalm (if
: possible using Mysql). I don't mean the Tomcat5 configuration part,
: which is well explained in the docs, but some code clarifying the
: implementation with a servlet etc.
:
: I don't know if you could point me to some
: Tim Funk [mailto:[EMAIL PROTECTED]
Sent: Wednesday, November 26, 2003 4:00 PM
To: Tomcat Users List
Subject: Re: JDBCRealm problem
The problem is this:
2003-11-26 11:53:19 JDBCRealm[localhost]: Exception performing
authentication
java.sql.SQLException: [Microsoft][SQLServer 2000 Driver
)
at
java.io.ObjectInputStream$BlockDataInputStream.readShort(ObjectInputStre
am.java:2619)
Any help would be appreciated
thanks,
James
-Original Message-
From: Ostad, James
Sent: Wednesday, December 03, 2003 9:51 AM
To: Tomcat Users List
Subject: RE: JDBCRealm problem
Hi,
Thanks for the info
One more thing,
when I commented out the realm section in server.xml, the program does
work with the default realm.
James
-Original Message-
From: Ostad, James
Sent: Wednesday, December 03, 2003 10:08 AM
To: Tomcat Users List
Subject: RE: JDBCRealm problem
I just noticed this errors
Subject: RE: JDBCRealm problem
I just noticed this errors in the following files under tomcat log
directory:
catalina_log.2003-12-03.txt
2003-12-03 09:59:06 CoyoteAdapter An exception or error occurred in the
container during the request processing
java.lang.NullPointerException
: Re: JDBCRealm problem
If you have a NPE, it might being thrown by the Realm. This can happen
when
there is a null role or similar. This has since been patched. You can
test it
by getting the latest JDBCRealm from source, compiling it and placing it
in
the appropriate nested dir in server
Users List
Subject: Re: JDBCRealm problem
If you have a NPE, it might being thrown by the Realm. This can happen
when
there is a null role or similar. This has since been patched. You can
test it
by getting the latest JDBCRealm from source, compiling it and placing it
in
the appropriate nested
Users List
Subject: Re: JDBCRealm problem
If you have a NPE, it might being thrown by the Realm. This can happen
when
there is a null role or similar. This has since been patched. You can
test it
by getting the latest JDBCRealm from source, compiling it and placing it
in
the appropriate nested
? or it is separate?
thanks
James
-Original Message-
From: Tim Funk [mailto:[EMAIL PROTECTED]
Sent: Wednesday, December 03, 2003 10:20 AM
To: Tomcat Users List
Subject: Re: JDBCRealm problem
If you have a NPE, it might being thrown by the Realm. This can happen
when there is a null role
Tim,
I am afraid that I am not familiar with the first line, CP=...
is that a copy command on unix?
thanks
james
-Original Message-
From: Tim Funk [mailto:[EMAIL PROTECTED]
Sent: Wednesday, December 03, 2003 11:20 AM
To: Tomcat Users List
Subject: Re: JDBCRealm problem
Oops, wrong
, December 03, 2003 11:20 AM
To: Tomcat Users List
Subject: Re: JDBCRealm problem
Oops, wrong file:
http://cvs.apache.org/viewcvs.cgi/jakarta-tomcat-4.0/catalina/src/share/
org/apache/catalina/realm/JDBCRealm.java
-Tim
Tim Funk wrote:
http://cvs.apache.org/viewcvs.cgi/jakarta-tomcat-4.0/catalina
-
From: Tim Funk [mailto:[EMAIL PROTECTED]
Sent: Wednesday, December 03, 2003 12:13 PM
To: Tomcat Users List
Subject: Re: JDBCRealm problem
It was a lazy way to set environment variables in unix.
Here is a simple way in ant: (just the relevant snippets, not a lesson
in ant)
...
path id=classpath
Sent: Wednesday, December 03, 2003 2:51 PM
To: Tomcat Users List
Subject: RE: JDBCRealm problem
Thank you.
What a educational ride.
I did the compilation of the jdbcrealm.java
Now I am getting the http status 403 !!!
again, without this realm setup in server.xml, by just using the DD
file, I
,
james
-Original Message-
From: Ostad, James
Sent: Wednesday, December 03, 2003 2:51 PM
To: Tomcat Users List
Subject: RE: JDBCRealm problem
Thank you.
What a educational ride.
I did the compilation of the jdbcrealm.java
Now I am getting the http status 403 !!!
again, without this realm setup
: Wednesday, November 26, 2003 4:00 PM
To: Tomcat Users List
Subject: Re: JDBCRealm problem
The problem is this:
2003-11-26 11:53:19 JDBCRealm[localhost]: Exception performing
authentication
java.sql.SQLException: [Microsoft][SQLServer 2000 Driver for JDBC]Can't
start
a cloned connection while
one more thing, you might have notice by my first email, I am
initializing the database connection within the web.xml. I am not sure
that has to do with the problem.
The initialization in web.xml is for internal bean usage.
thanks,
James
-Original Message-
From: Ostad, James
Sent:
The problem is this:
2003-11-26 11:53:19 JDBCRealm[localhost]: Exception performing authentication
java.sql.SQLException: [Microsoft][SQLServer 2000 Driver for JDBC]Can't start
a cloned connection while in manual transaction mode.
Since I don't use SQL server and Java, I can't be of more help,
anything.
thanks,
James
-Original Message-
From: Tim Funk [mailto:[EMAIL PROTECTED]
Sent: Wednesday, November 26, 2003 4:00 PM
To: Tomcat Users List
Subject: Re: JDBCRealm problem
The problem is this:
2003-11-26 11:53:19 JDBCRealm[localhost]: Exception performing
authentication
Hi,
it works now. :-)
The reconnect function of Tomcat 4.1.29 works, when there is really no
jdbc-connection from tomcat to the database.
Therefore we changed the timeout settings in the firewall that the 'connction'
timeout has the same value as the 'absolute' timeout an the 'half-close'
I think 4.1.29's JDBCRealm tried to reconnect on failure.
we upgrade to Tomcat 4.1.29 because I heard about a new ErrorRecovery function
in the JDBCRealm. Which Parameter in which xml-file is responsible for this
feature.
our firewall (Cisco PIX 506) seems to be the reason for a
My bad, the patch I was thinking of was made in tomcat5. Hopefully, I'll be
able to backport it Friday.
-Tim
Holger de Wall wrote:
I think 4.1.29's JDBCRealm tried to reconnect on failure.
we upgrade to Tomcat 4.1.29 because I heard about a new ErrorRecovery function
in the JDBCRealm. Which
Andrew,
anyone please correct me if I'm wrong, but I'm afraid you've got at least
two problems here:
1. As far as I know it is not possible to define a Realm outside of
server.xml. If you do not have access to that file, I see no way you can use
container managed security, which is a
On Wednesday 19 November 2003 10:52 am, Andreas Mohrig wrote:
1. As far as I know it is not possible to define a Realm outside of
server.xml. If you do not have access to that file, I see no way you can
use container managed security, which is a prerequisite for form based
authentication (or
Can anyone advise of a work-around, or let me know if I have overlooked
You might want to look at http://www.securityfilter.org/
It mimics CMS, but it can be rolled up inside your application.
Jon
-
To unsubscribe, e-mail:
:52
To: 'Tomcat Users List'
Subject: RE: JDBCRealm configuration and JBDC Driver classpath
Andrew,
anyone please correct me if I'm wrong, but I'm afraid you've got at least
two problems here:
1. As far as I know it is not possible to define a Realm outside of
server.xml. If you do not have access
]
Sent: Wednesday, November 19, 2003 6:31 PM
To: Tomcat Users List
Subject: RE: JDBCRealm configuration and JBDC Driver classpath
Thanks for your comments.
I am beginning to suspect that my options are limited and may have to resort
to application managed security which I have tried to avoid up
Jon, thank you.
I will certainly implement this option if my plea to my ISP falls on deaf
ears.
Andrew
-Original Message-
From: Jon Anderson [mailto:[EMAIL PROTECTED]
Sent: 19 November 2003 17:16
To: Tomcat Users List
Subject: Re: JDBCRealm configuration and JBDC Driver classpath
Can
Hallo,
How can we force the Servlet-Engine to establish a new Realm-Connection
to the Database without a restarting the complete Tomcat-Server ?
I think 4.1.29's JDBCRealm tried to reconnect on failure.
it wasn't the solution :-(
Holger de Wall
Oops, that patch is in tomcat5 and wasn't backported to 4.1.
-Tim
Holger de Wall wrote:
Hallo,
How can we force the Servlet-Engine to establish a new Realm-Connection
to the Database without a restarting the complete Tomcat-Server ?
I think 4.1.29's JDBCRealm tried to reconnect on failure.
it
I think 4.1.29's JDBCRealm tried to reconnect on failure.
-Tim
Holger de Wall wrote:
BITTE DURCHSEHEN
our firewall (Cisco PIX 506) seems to be the reason for a 'java.sql.Exception'
given by the JDBCRealm:
Hi,
this is me again.
I just wanted to say that I found out that web.xml is ALWAYS
read at least for the security settings (I only tested for that)
This also seems independent of the flag in server.xml where you can
set reloadable to false.
So the good news is, that you can have variable roles
FYI - I removed the REALM entry for the Database user lookup and used
the tomcat-users.xml file and it works fine. It only fails when I have
the REALM entry. But I still don't know why it is not working right.
Gregg
-Original Message-
From: Gregg Bolinger [mailto:[EMAIL PROTECTED]
August 2003 19:36
To: 'Tomcat Users List'
Subject: RE: JDBCRealm
FYI - I removed the REALM entry for the Database user lookup and used
the tomcat-users.xml file and it works fine. It only fails when I have
the REALM entry. But I still don't know why it is not working right.
Gregg
-Original
.
-Original Message-
From: Stuart MacPherson [mailto:[EMAIL PROTECTED]
Sent: Friday, August 01, 2003 1:48 PM
To: 'Tomcat Users List'
Subject: RE: JDBCRealm
You don't have a 'roles' table in your database. 'User_roles' is a link
entity between 'user' and 'roles'... In this tables you should specify
: Friday, August 01, 2003 1:55 PM
To: 'Tomcat Users List'
Subject: RE: JDBCRealm
Actually, I do have a roles table with a column named Role and I have my
roles listed there. Is there anywhere in the realm config I need to
specify this table. Because in the docs it only specifies the user
table
*bash* ;)
Gonna go back to the 'ranch now Gregg ? hehe.
-Original Message-
From: Gregg Bolinger [mailto:[EMAIL PROTECTED]
Sent: Friday, August 01, 2003 2:08 PM
To: 'Tomcat Users List'
Subject: RE: JDBCRealm
Ok, I figured out my STUPID problem. I was giving the wrong
I would if the damn thing wasn't so busy. All I get are 503's! We
need to hurry up and get that hardware upgraded. :)
Gregg
-Original Message-
From: Mike Curwen [mailto:[EMAIL PROTECTED]
Sent: Friday, August 01, 2003 2:20 PM
To: 'Tomcat Users List'
Subject: RE: JDBCRealm
*bash
I have JDBCRealm and Form Based AUTH.
I have an image in my login.jsp file.
Like this:
IMG src='/myApp/images/myImage.gif' width='250' height='75'
When I navigate to myApp/index.jsp, I get redirected to my login.jsp
file (just as I should).
But, when I login, I get redirected to the image
(Guessing)
Put the image in an unprotected area. Since the image was the most recent
request under a secutiry contraint, you are being redirected to that request
on successfull login.
-Tim
Rick Roberts wrote:
I have JDBCRealm and Form Based AUTH.
I have an image in my login.jsp file.
Like
Ahhh! Thanks. That makes complete sense.
I believe that is the correct thing to do.
Now I need to figure out a way to *easily* re-arrange my directories to handle
*un-protected* and *protected* areas.
I currently have everything protected.
security-constraint
web-resource-collection
List
Subject: Re: JDBCRealm - Login redirects to my image instead
(Guessing)
Put the image in an unprotected area. Since the image was the
most recent
request under a secutiry contraint, you are being redirected
to that request
on successfull login.
-Tim
Rick Roberts wrote:
I
they implement it thusly ?
-Original Message-
From: Tim Funk [mailto:[EMAIL PROTECTED]
Sent: Monday, July 14, 2003 10:53 AM
To: Tomcat Users List
Subject: Re: JDBCRealm - Login redirects to my image instead
(Guessing)
Put the image in an unprotected area. Since the image was the
most
The spec says the action for logging in is j_security_check with parameters
j_username and j_password.
There are no parameters to say what the request/resource caused the security
check. So without extending the spec with custom (non-portable)
functionality, the last request seems to be
- Move the image to another context?
- absolute URL the image to another place?
- define many url-pattern - this could be done easily via slurping your
access log and using perl
-Tim
Rick Roberts wrote:
Ahhh! Thanks. That makes complete sense.
I believe that is the correct thing to do.
Now I
At 12:09 PM 7/10/2003 -0400, you wrote:
Should my JDBCRealm login reset when the session times out?
I have tried it in both Basic AUTH and Form AUTH.
My session never times out.
I'm not entirely sure about Form AUTH, but Basic AUTH doesn't use
sessions. The browser caches the login information
: Thursday, July 10, 2003 11:16 AM
To: Tomcat Users List
Subject: Re: JDBCRealm - Session not timing out
At 12:09 PM 7/10/2003 -0400, you wrote:
Should my JDBCRealm login reset when the session times out?
I have tried it in both Basic AUTH and Form AUTH.
My session never times out.
I'm
-
From: Jacob Kjome [mailto:[EMAIL PROTECTED]
Sent: Thursday, July 10, 2003 11:16 AM
To: Tomcat Users List
Subject: Re: JDBCRealm - Session not timing out
At 12:09 PM 7/10/2003 -0400, you wrote:
Should my JDBCRealm login reset when the session times out?
I have tried it in both Basic AUTH
-Original Message-
From: Jacob Kjome [mailto:[EMAIL PROTECTED]
Sent: Thursday, July 10, 2003 12:29 PM
To: Tomcat Users List
Subject: RE: JDBCRealm - Session not timing out
Basic AUTH gets resent automatically, you'd just start
them over with a
new session. Don't make any
My application is now timing out correctly, using Form AUTH.
Not sure why it would not do it earlier, unless it had something to do with me
deleting everything out of the working directory before trying the test again.
I will continue to test it and let you know what I see.
--
I'm not entirely sure about Form AUTH, but Basic AUTH doesn't use
sessions. The browser caches the login information provided and
re-sends it on each request. So, there is no real time out for Basic
AUTH. The only equivalent would be to close all open browsers. This
deletes the cache of
where URL rewriting is *always* done
(like iPlanet).
-Original Message-
From: Rick Roberts [mailto:[EMAIL PROTECTED]
Sent: Thursday, July 10, 2003 12:56 PM
To: Tomcat Users List
Subject: Re: JDBCRealm - Session not timing out
I'm not entirely sure about Form AUTH, but Basic AUTH
OK. I think that I have all the information I need to continue.
When I run this piece of code:
%
session = request.getSession();
if( session.isNew() )
out.println( brNew Session );
else{
out.println( brUsing Old Session );
Enumeration enames = session.getAttributeNames();
Still haven't figured it out.
Can anyone help?
Thanks,
--
***
* Rick Roberts*
* Advanced Information Technologies, Inc. *
***
Have you read my reply in your other thread ?
-Original Message-
From: Rick Roberts [mailto:[EMAIL PROTECTED]
Sent: Tuesday, July 08, 2003 1:04 PM
To: Tomcat Users List
Subject: Re: JDBCRealm first try
Still haven't figured it out.
Can anyone help?
Thanks
I believe that during restart of a context, all sessions get serialized to
disk.
but the serialization does not serialize the principal. You can try to file
a bug for this, but I might be afraid that it may get shutdown because of
security concerns
Filip
-Original Message-
From: Dan
Filip Hanik ([EMAIL PROTECTED]) wrote:
I believe that during restart of a context, all sessions get serialized to
disk.
but the serialization does not serialize the principal. You can try to file
a bug for this, but I might be afraid that it may get shutdown because of
security concerns
The real question is how big of a performance problem is the DefaultServlet
in Tomcat compared to Apache. Are you REALLY losing THAT much performance
by letting the DefaultServlet serve those static files? Is it necessary?
- Original Message -
From: Mete Kural [EMAIL PROTECTED]
To:
I'm with you on this request. I'm currently just serving static content
with Tomcat, but luckily the traffic for this content is low.
It seems this would require an Apache mod that integrated with the Tomcat
Realm system, at least requiring Apache authentication and module building
knowledge as
Thanks for your email.
The answer to the question as to how much of a performance gain we would get by
integrating Apache is something that I don't fully understand. I always hear people
saying that if you have a lot of static requests, Apache will give you a performance
boost compared to HTTP
Hi Colin,
Did you figure out ways to make Tomcat's static file serving capabilities more
performant? Any suggestions?
-Mete
-- Original Message --
From: Madere, Colin [EMAIL PROTECTED]
Reply-To: Tomcat Users List [EMAIL PROTECTED]
Date: Mon, 24 Mar 2003
Oops,
I made a case mistake with usernameCol=user_name, should be
userNameCol=user_name
Thanks.
Paul
-Original Message-
From: Paul Bothma [mailto:[EMAIL PROTECTED]]
Sent: 13 February 2003 17:02
To: Tomcat Help
Subject: JDBCRealm
Hi,
I'm trying to use a JDBC realm with Tomcat 4.1.12.
Subject: Re: JDBCRealm
Alright, I finally have my answer. Postgres prepends the username to the
password before creating the digest. For example, if I wish to create a
postgres account with the username 'tomcat' and password 'tomcat', postgres
will prepend 'tomcat' to 'tomcat' to create
Sorry, for the post... Solved it myself.
The trick was that you should NOT put your password into the
connectionURL
instead one can use:
Realm className=org.apache.catalina.realm.JDBCRealm debug=99
driverName=com.mysql.jdbc.Driver
If you want to use inside xml you have to encode it.
?user=praksispassword=foo
should be changed to
?user=praksisamp;password=foo
BTW: In the JDBCRealm-howto they use ; to seperate
the password from the user.
?user=praksis;password=foo
As I'm not using mysql I'm not shure if that is correct.
attributes and
you are on the safe side...
Michael
-Original Message-
From: Ralph Einfeldt [mailto:[EMAIL PROTECTED]]
Sent: Dienstag, 14. Januar 2003 14:25
To: Tomcat Users List; [EMAIL PROTECTED]
Subject: RE: JDBCRealm problem with MySQL after adding
password and changing user account
Alright, I finally have my answer. Postgres prepends the username to the
password before creating the digest. For example, if I wish to create a
postgres account with the username 'tomcat' and password 'tomcat', postgres
will prepend 'tomcat' to 'tomcat' to create 'tomcattomcat' and then make
* Rob Abernethy IV [EMAIL PROTECTED] [0130 19:30]:
Alright, I finally have my answer. Postgres prepends the username to the
password before creating the digest. For example, if I wish to create a
postgres account with the username 'tomcat' and password 'tomcat', postgres
will prepend
Ok, I got Java and Perl to come up with the same digest. Postgres' is
different. I think it has something to do with the 'salt'. Postgres uses
the username as salt. I don't know much about MD5 encryption, but it seems
as though Java is using a different salt and, therefore, coming up with a
Clear-text password: tomcat
java org.apache.catalina.RealmBase -a MD5 tomcat
1b359d8753858b55befa0441067aaed3
select passwd from pg_shadow where usename='tomcat'
md5efcc1c51a80be13b59cdb96d758a0184
md5sum -t tomcat
042d39e062dd4bf342e088dc832526f9
String password = tomcat;
byte[] md_password
The MD5'd password *is* in the pg_shadow.passwd column. I don't see what
I'm doing wrong. And, as far as confusing postgres users with tomcat users,
is there a problem with using the same user for both? I kind of thought
that was the point. When I create a user, they can use the same
- Original Message -
The MD5'd password *is* in the pg_shadow.passwd column. I don't see what
I'm doing wrong.
Is Postgres (or anything other than Java) generating the MD5'd passwords for
the pg_shadow table? If so, have you manually generated the MD5's to see if
they are the same?
1 - 100 of 176 matches
Mail list logo
