Re: JDBCRealm conection timeout failure on getPassword
Hello Mark, Thanks for pointing out my missing localDataResource property. It is prominent enough in the wiki, I just failed to pay close attention. With this property, the everything in META-INF/context.xml configuration worked. Other configurations still do not work except the one I described (Resource in conf/server.xml AND conf/context.xml, Realm in the engine element of conf/server.xml). This covers the deployment scenarios that I may encounter. If someone out there is interested in pursuing the reasons why other scenarios did not work for me, I will be happy to provide more details and info. Otherwise, thanks to the input of all who responded to this thread, I am happy with the configurations that do work for me. BTW I checked the resource-ref element and from what I gather, it provides a level of isolation between the resource name coded in the application and the one actually defined in configuration files, so you can change the latter without having to recompile your app. Finally, for those interested, here are the contents of relevant config files in my setup with comments removed and sensitive material replaced (I am deploying my app as ROOT.war on Tomcat 7): My application's web.xml ?xml version=1.0 encoding=UTF-8? web-app xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance; xmlns= http://java.sun.com/xml/ns/javaee; xmlns:web= http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd; xsi:schemaLocation= http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd; id=WebApp_ID version=3.0 display-nameMyApp/display-name welcome-file-list welcome-filedefault.jsp/welcome-file /welcome-file-list security-constraint web-resource-collection web-resource-namemember-access/web-resource-name url-pattern /priv/* /url-pattern http-methodGET/http-method http-methodPOST/http-method /web-resource-collection auth-constraint role-name site-admin /role-name role-name admin /role-name role-name user /role-name /auth-constraint user-data-constraint transport-guaranteeNONE/transport-guarantee /user-data-constraint /security-constraint filter filter-nameAccessFilter/filter-name filter-classcom.mydns.filter.MyFilter/filter-class /filter filter-mapping filter-nameAccessFilter/filter-name url-pattern/*/url-pattern /filter-mapping login-config auth-methodFORM/auth-method form-login-config form-login-page/login.jsp/form-login-page form-error-page/login.jsp/form-error-page !-- form-error-page/fail_login.jsp/form-error-page -- /form-login-config /login-config security-role description System Administrator /description role-name site-admin /role-name /security-role security-role description Manager /description role-name admin /role-name /security-role security-role description User /description role-name user /role-name /security-role /web-app --- My app's META-INF/context.xml (if used): ?xml version=1.0 encoding=UTF-8? Context Resource name=jdbc/MyAppDB type=javax.sql.DataSource auth=Container driverClassName=com.mysql.jdbc.Driver maxActive=100 maxWait=1 maxIdle=30 password=password logAbandoned=true username=username removeAbandoned=true removeAbandonedTimeout=60 url=jdbc:mysql://localhost:3306/databasename / Realm className=org.apache.catalina.realm.DataSourceRealm dataSourceName=jdbc/MyAppDB userTable=users userNameCol=username userCredCol=password userRoleTable=roles roleNameCol=rolename digest=digestname localDataSource=true / /Context -- $CATALINA_HOME/conf/context.xml ?xml version=1.0 encoding=UTF-8? Context WatchedResourceWEB-INF/web.xml/WatchedResource !-- MY RESOURCE ELEMENT GOES HERE -- /Context - $CATALINA_HOME/conf/server.xml ?xml version=1.0 encoding=UTF-8? Server port=8005 shutdown=SHUTDOWN Listener SSLEngine=on className=org.apache.catalina.core.AprLifecycleListener/ Listener className=org.apache.catalina.core.JasperListener/ Listener className=org.apache.catalina.core.JreMemoryLeakPreventionListener/ Listener className=org.apache.catalina.mbeans.GlobalResourcesLifecycleListener/ Listener className=org.apache.catalina.core.ThreadLocalLeakPreventionListener/ GlobalNamingResources Resource auth=Container description=User database that can be updated and saved factory=org.apache.catalina.users.MemoryUserDatabaseFactory name=UserDatabase pathname=conf/tomcat-users.xml type=org.apache.catalina.UserDatabase/ !-- MY RESOURCE ELEMENT GOES HERE -- /GlobalNamingResources Service name=Catalina Connector connectionTimeout=2 port=80 protocol=HTTP/1.1 redirectPort=8443/ Connector port=8009 protocol=AJP/1.3 redirectPort=8443/ Engine
JDBCRealm conection timeout failure on getPassword
Hello List, My application is configured for JDBCRealm authentication uses a MySQL database. For my own use inside the application, I have setup a connection pool to access the database, However, the configuration of JDBCRealm in server.xml uses astand-alone connection. Since MySQL times-out connections after 8 hours, I get the following error in tomcat logs as I try to log-in after the connection times out: Oct 7, 2012 8:36:51 AM org.apache.catalina.realm.JDBCRealm getPassword SEVERE: Exception performing authentication com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionException: No operations allowed after connection closed.Connection was implicitly closed by the driver. Users do not notice this error (I presume tomcat's JDBCRealm will create a new connection), but it is disconcerting to have all these exceptions in tomcat logs, especially that when the server goes into production mode, I fear this will have adverse effects. Is it possible to have JDBDRealm use the same connection pool which my application uses (which is setup in tomcat's context.xml so it should be accessible to all applications in tomcat). Thanks.
Re: JDBCRealm conection timeout failure on getPassword
Aladin Dajani aladin.daj...@gmail.com schrieb: Hello List, My application is configured for JDBCRealm authentication uses a MySQL database. For my own use inside the application, I have setup a connection pool to access the database, However, the configuration of JDBCRealm in server.xml uses astand-alone connection. Since MySQL times-out connections after 8 hours, I get the following error in tomcat logs as I try to log-in after the connection times out: Oct 7, 2012 8:36:51 AM org.apache.catalina.realm.JDBCRealm getPassword SEVERE: Exception performing authentication com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionException: No operations allowed after connection closed.Connection was implicitly closed by the driver. Users do not notice this error (I presume tomcat's JDBCRealm will create a new connection), but it US disconcerting to have all these exceptions in tomcat logs, especially that when the server goes into production mode, I fear this will have adverse effects. Is it possible to have JDBDRealm use the same connection pool which my application uses (which is setup in tomcat's context.xml so it should be accessible to all applications in tomcat). Have a look at DatasourceRealm. Regards Felix Thanks. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: JDBCRealm conection timeout failure on getPassword
Thanks Felix, This does look like what I need. On Sun, Oct 7, 2012 at 9:36 AM, Felix Schumacher felix.schumac...@internetallee.de wrote: Aladin Dajani aladin.daj...@gmail.com schrieb: Hello List, My application is configured for JDBCRealm authentication uses a MySQL database. For my own use inside the application, I have setup a connection pool to access the database, However, the configuration of JDBCRealm in server.xml uses astand-alone connection. Since MySQL times-out connections after 8 hours, I get the following error in tomcat logs as I try to log-in after the connection times out: Oct 7, 2012 8:36:51 AM org.apache.catalina.realm.JDBCRealm getPassword SEVERE: Exception performing authentication com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionException: No operations allowed after connection closed.Connection was implicitly closed by the driver. Users do not notice this error (I presume tomcat's JDBCRealm will create a new connection), but it US disconcerting to have all these exceptions in tomcat logs, especially that when the server goes into production mode, I fear this will have adverse effects. Is it possible to have JDBDRealm use the same connection pool which my application uses (which is setup in tomcat's context.xml so it should be accessible to all applications in tomcat). Have a look at DatasourceRealm. Regards Felix Thanks. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: JDBCRealm conection timeout failure on getPassword
OK So I tried to use DataSourceRealm. Seems simple enough. but I get the following exception: Oct 7, 2012 9:54:51 AM org.apache.catalina.realm.DataSourceRealm open SEVERE: Exception performing authentication javax.naming.NameNotFoundException: Name jdbc is not bound in this Context Here is my configuration. context.xml is unchanged from previous setup (works well for pooled database access within the app) {catalina-base}\conf\context.xml: Resource name=jdbc/MyAppDB auth=Container driverClassName=com.mysql.jdbc.Driver logAbandoned=true maxActive=100 maxIdle=30 maxWait=1 password=password username=user removeAbandoned=true removeAbandonedTimeout=60 type=javax.sql.DataSource url=jdbc:mysql://localhost:3306/databasename / Server.xml replaces the JDBCRealm with the DataSourceRealm as below {catalina-base}\conf\server.xml: Realm className=org.apache.catalina.realm.LockOutRealm Realm className=org.apache.catalina.realm.DataSourceRealm dataSourceName=jdbc/MyAppDB userTable=users userNameCol=username userCredCol=password userRoleTable=roles roleNameCol=rolename digest=MD5 / /Realm Have I missed a configuration somewhere ? Thanks. On Sun, Oct 7, 2012 at 9:36 AM, Felix Schumacher felix.schumac...@internetallee.de wrote: Aladin Dajani aladin.daj...@gmail.com schrieb: Hello List, My application is configured for JDBCRealm authentication uses a MySQL database. For my own use inside the application, I have setup a connection pool to access the database, However, the configuration of JDBCRealm in server.xml uses astand-alone connection. Since MySQL times-out connections after 8 hours, I get the following error in tomcat logs as I try to log-in after the connection times out: Oct 7, 2012 8:36:51 AM org.apache.catalina.realm.JDBCRealm getPassword SEVERE: Exception performing authentication com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionException: No operations allowed after connection closed.Connection was implicitly closed by the driver. Users do not notice this error (I presume tomcat's JDBCRealm will create a new connection), but it US disconcerting to have all these exceptions in tomcat logs, especially that when the server goes into production mode, I fear this will have adverse effects. Is it possible to have JDBDRealm use the same connection pool which my application uses (which is setup in tomcat's context.xml so it should be accessible to all applications in tomcat). Have a look at DatasourceRealm. Regards Felix Thanks. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: JDBCRealm conection timeout failure on getPassword
On 7 Oct 2012, at 15:26, Aladin Dajani aladin.daj...@gmail.com wrote: OK So I tried to use DataSourceRealm. Seems simple enough. but I get the following exception: Oct 7, 2012 9:54:51 AM org.apache.catalina.realm.DataSourceRealm open SEVERE: Exception performing authentication javax.naming.NameNotFoundException: Name jdbc is not bound in this Context Here is my configuration. context.xml is unchanged from previous setup (works well for pooled database access within the app) {catalina-base}\conf\context.xml: Resource name=jdbc/MyAppDB auth=Container driverClassName=com.mysql.jdbc.Driver logAbandoned=true maxActive=100 maxIdle=30 maxWait=1 password=password username=user removeAbandoned=true removeAbandonedTimeout=60 type=javax.sql.DataSource url=jdbc:mysql://localhost:3306/databasename / Server.xml replaces the JDBCRealm with the DataSourceRealm as below {catalina-base}\conf\server.xml: Realm className=org.apache.catalina.realm.LockOutRealm Realm className=org.apache.catalina.realm.DataSourceRealm dataSourceName=jdbc/MyAppDB userTable=users userNameCol=username userCredCol=password userRoleTable=roles roleNameCol=rolename digest=MD5 / /Realm Have I missed a configuration somewhere ? Yes, define the Resource in GlobalResources in server.xml. p Thanks. On Sun, Oct 7, 2012 at 9:36 AM, Felix Schumacher felix.schumac...@internetallee.de wrote: Aladin Dajani aladin.daj...@gmail.com schrieb: Hello List, My application is configured for JDBCRealm authentication uses a MySQL database. For my own use inside the application, I have setup a connection pool to access the database, However, the configuration of JDBCRealm in server.xml uses astand-alone connection. Since MySQL times-out connections after 8 hours, I get the following error in tomcat logs as I try to log-in after the connection times out: Oct 7, 2012 8:36:51 AM org.apache.catalina.realm.JDBCRealm getPassword SEVERE: Exception performing authentication com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionException: No operations allowed after connection closed.Connection was implicitly closed by the driver. Users do not notice this error (I presume tomcat's JDBCRealm will create a new connection), but it US disconcerting to have all these exceptions in tomcat logs, especially that when the server goes into production mode, I fear this will have adverse effects. Is it possible to have JDBDRealm use the same connection pool which my application uses (which is setup in tomcat's context.xml so it should be accessible to all applications in tomcat). Have a look at DatasourceRealm. Regards Felix Thanks. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: JDBCRealm conection timeout failure on getPassword
On 10/7/2012 8:22 AM, Pid * wrote: On 7 Oct 2012, at 15:26, Aladin Dajani aladin.daj...@gmail.com wrote: OK So I tried to use DataSourceRealm. Seems simple enough. but I get the following exception: Oct 7, 2012 9:54:51 AM org.apache.catalina.realm.DataSourceRealm open SEVERE: Exception performing authentication javax.naming.NameNotFoundException: Name jdbc is not bound in this Context Here is my configuration. context.xml is unchanged from previous setup (works well for pooled database access within the app) {catalina-base}\conf\context.xml: Resource name=jdbc/MyAppDB auth=Container driverClassName=com.mysql.jdbc.Driver logAbandoned=true maxActive=100 maxIdle=30 maxWait=1 password=password username=user removeAbandoned=true removeAbandonedTimeout=60 type=javax.sql.DataSource url=jdbc:mysql://localhost:3306/databasename / Server.xml replaces the JDBCRealm with the DataSourceRealm as below {catalina-base}\conf\server.xml: Realm className=org.apache.catalina.realm.LockOutRealm Realm className=org.apache.catalina.realm.DataSourceRealm dataSourceName=jdbc/MyAppDB userTable=users userNameCol=username userCredCol=password userRoleTable=roles roleNameCol=rolename digest=MD5 / /Realm Have I missed a configuration somewhere ? Yes, define the Resource in GlobalResources in server.xml. p Here's the Wiki document on the various combinations: http://wiki.apache.org/tomcat/TomcatDataSourceRealms /mde/ Thanks. On Sun, Oct 7, 2012 at 9:36 AM, Felix Schumacher felix.schumac...@internetallee.de wrote: Aladin Dajani aladin.daj...@gmail.com schrieb: Hello List, My application is configured for JDBCRealm authentication uses a MySQL database. For my own use inside the application, I have setup a connection pool to access the database, However, the configuration of JDBCRealm in server.xml uses astand-alone connection. Since MySQL times-out connections after 8 hours, I get the following error in tomcat logs as I try to log-in after the connection times out: Oct 7, 2012 8:36:51 AM org.apache.catalina.realm.JDBCRealm getPassword SEVERE: Exception performing authentication com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionException: No operations allowed after connection closed.Connection was implicitly closed by the driver. Users do not notice this error (I presume tomcat's JDBCRealm will create a new connection), but it US disconcerting to have all these exceptions in tomcat logs, especially that when the server goes into production mode, I fear this will have adverse effects. Is it possible to have JDBDRealm use the same connection pool which my application uses (which is setup in tomcat's context.xml so it should be accessible to all applications in tomcat). Have a look at DatasourceRealm. Regards Felix Thanks. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: JDBCRealm conection timeout failure on getPassword
Thank you all for your help. I now have DataSourceRealm based authentication up and running with my connection pool. One thing I want to mention is that I was unable to make teh scenarios described in the wiki work until I duplicated the Resource definition in both server.xml and in context.xml. I tried several combinations as described in the wiki and outside and this is the one that worked, for now this is what matters to me. Thanks On Sun, Oct 7, 2012 at 11:33 AM, Mark Eggers its_toas...@yahoo.com wrote: On 10/7/2012 8:22 AM, Pid * wrote: On 7 Oct 2012, at 15:26, Aladin Dajani aladin.daj...@gmail.com wrote: OK So I tried to use DataSourceRealm. Seems simple enough. but I get the following exception: Oct 7, 2012 9:54:51 AM org.apache.catalina.realm.**DataSourceRealm open SEVERE: Exception performing authentication javax.naming.**NameNotFoundException: Name jdbc is not bound in this Context Here is my configuration. context.xml is unchanged from previous setup (works well for pooled database access within the app) {catalina-base}\conf\context.**xml: Resource name=jdbc/MyAppDB auth=Container driverClassName=com.mysql.**jdbc.Driver logAbandoned=true maxActive=100 maxIdle=30 maxWait=1 password=password username=user removeAbandoned=true removeAbandonedTimeout=60 type=javax.sql.DataSource url=jdbc:mysql://localhost:**3306/databasename / Server.xml replaces the JDBCRealm with the DataSourceRealm as below {catalina-base}\conf\server.**xml: Realm className=org.apache.**catalina.realm.LockOutRealm Realm className=org.apache.**catalina.realm.**DataSourceRealm dataSourceName=jdbc/MyAppDB userTable=users userNameCol=username userCredCol=password userRoleTable=roles roleNameCol=rolename digest=MD5 / /Realm Have I missed a configuration somewhere ? Yes, define the Resource in GlobalResources in server.xml. p Here's the Wiki document on the various combinations: http://wiki.apache.org/tomcat/**TomcatDataSourceRealmshttp://wiki.apache.org/tomcat/TomcatDataSourceRealms /mde/ Thanks. On Sun, Oct 7, 2012 at 9:36 AM, Felix Schumacher felix.schumacher@**internetallee.de felix.schumac...@internetallee.de wrote: Aladin Dajani aladin.daj...@gmail.com schrieb: Hello List, My application is configured for JDBCRealm authentication uses a MySQL database. For my own use inside the application, I have setup a connection pool to access the database, However, the configuration of JDBCRealm in server.xml uses astand-alone connection. Since MySQL times-out connections after 8 hours, I get the following error in tomcat logs as I try to log-in after the connection times out: Oct 7, 2012 8:36:51 AM org.apache.catalina.realm.**JDBCRealm getPassword SEVERE: Exception performing authentication com.mysql.jdbc.exceptions.**jdbc4.**MySQLNonTransientConnectionExc** eption: No operations allowed after connection closed.Connection was implicitly closed by the driver. Users do not notice this error (I presume tomcat's JDBCRealm will create a new connection), but it US disconcerting to have all these exceptions in tomcat logs, especially that when the server goes into production mode, I fear this will have adverse effects. Is it possible to have JDBDRealm use the same connection pool which my application uses (which is setup in tomcat's context.xml so it should be accessible to all applications in tomcat). Have a look at DatasourceRealm. Regards Felix Thanks. --**--**- To unsubscribe, e-mail: users-unsubscribe@tomcat.**apache.orgusers-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: JDBCRealm conection timeout failure on getPassword
On 07/10/2012 19:40, Aladin Dajani wrote: Thank you all for your help. I now have DataSourceRealm based authentication up and running with my connection pool. One thing I want to mention is that I was unable to make teh scenarios described in the wiki work until I duplicated the Resource definition in both server.xml and in context.xml. That is unlikely to be accurate unless you are using the datasource for something else. The GlobalResources definition will be the one working. The tomcat/conf/context.xml definition will only be valid for Realms created inside the Context; and will create a separate pool for each application deployed. p I tried several combinations as described in the wiki and outside and this is the one that worked, for now this is what matters to me. Thanks On Sun, Oct 7, 2012 at 11:33 AM, Mark Eggers its_toas...@yahoo.com wrote: On 10/7/2012 8:22 AM, Pid * wrote: On 7 Oct 2012, at 15:26, Aladin Dajani aladin.daj...@gmail.com wrote: OK So I tried to use DataSourceRealm. Seems simple enough. but I get the following exception: Oct 7, 2012 9:54:51 AM org.apache.catalina.realm.**DataSourceRealm open SEVERE: Exception performing authentication javax.naming.**NameNotFoundException: Name jdbc is not bound in this Context Here is my configuration. context.xml is unchanged from previous setup (works well for pooled database access within the app) {catalina-base}\conf\context.**xml: Resource name=jdbc/MyAppDB auth=Container driverClassName=com.mysql.**jdbc.Driver logAbandoned=true maxActive=100 maxIdle=30 maxWait=1 password=password username=user removeAbandoned=true removeAbandonedTimeout=60 type=javax.sql.DataSource url=jdbc:mysql://localhost:**3306/databasename / Server.xml replaces the JDBCRealm with the DataSourceRealm as below {catalina-base}\conf\server.**xml: Realm className=org.apache.**catalina.realm.LockOutRealm Realm className=org.apache.**catalina.realm.**DataSourceRealm dataSourceName=jdbc/MyAppDB userTable=users userNameCol=username userCredCol=password userRoleTable=roles roleNameCol=rolename digest=MD5 / /Realm Have I missed a configuration somewhere ? Yes, define the Resource in GlobalResources in server.xml. p Here's the Wiki document on the various combinations: http://wiki.apache.org/tomcat/**TomcatDataSourceRealmshttp://wiki.apache.org/tomcat/TomcatDataSourceRealms /mde/ Thanks. On Sun, Oct 7, 2012 at 9:36 AM, Felix Schumacher felix.schumacher@**internetallee.de felix.schumac...@internetallee.de wrote: Aladin Dajani aladin.daj...@gmail.com schrieb: Hello List, My application is configured for JDBCRealm authentication uses a MySQL database. For my own use inside the application, I have setup a connection pool to access the database, However, the configuration of JDBCRealm in server.xml uses astand-alone connection. Since MySQL times-out connections after 8 hours, I get the following error in tomcat logs as I try to log-in after the connection times out: Oct 7, 2012 8:36:51 AM org.apache.catalina.realm.**JDBCRealm getPassword SEVERE: Exception performing authentication com.mysql.jdbc.exceptions.**jdbc4.**MySQLNonTransientConnectionExc** eption: No operations allowed after connection closed.Connection was implicitly closed by the driver. Users do not notice this error (I presume tomcat's JDBCRealm will create a new connection), but it US disconcerting to have all these exceptions in tomcat logs, especially that when the server goes into production mode, I fear this will have adverse effects. Is it possible to have JDBDRealm use the same connection pool which my application uses (which is setup in tomcat's context.xml so it should be accessible to all applications in tomcat). Have a look at DatasourceRealm. Regards Felix Thanks. --**--**- To unsubscribe, e-mail: users-unsubscribe@tomcat.**apache.orgusers-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- [key:62590808] signature.asc Description: OpenPGP digital signature
Re: JDBCRealm conection timeout failure on getPassword
Hello Pid, I cannot dismiss that there may be inaccuracies as you mentioned in your response, perhaps you could help me figure them out. Here are the cases I tried (the first three were outlined in the wiki http://wiki.apache.org/tomcat/TomcatDataSourceRealms) MY REALM ELEMENT: Realm className=org.apache.catalina.realm.DataSourceRealm dataSourceName=jdbc/MyAppDB userTable=users userNameCol=username userCredCol=password userRoleTable=roles roleNameCol=rolename digest=digestname / MY RESOURCE ELEMENT: Resource name=jdbc/MyAppDB type=javax.sql.DataSource auth=Container driverClassName=com.mysql.jdbc.Driver maxActive=100 maxWait=1 maxIdle=30 password=password logAbandoned=true username=username removeAbandoned=true removeAbandonedTimeout=60 url=jdbc:mysql://localhost:3306/databasename / Case 1: Everything in META-INF/context.xml META-INF/context.xml contains: Context MY RESOURCE ELEMENT GOES HERE MY REALM ELEMENT GOES HERE /Context $CATALINA_HOME/conf/server.xml contains: GlobalNamingResources Resource auth=Container description=User database that can be updated and saved factory=org.apache.catalina.users.MemoryUserDatabaseFactory name=UserDatabase pathname=conf/tomcat-users.xml type=org.apache.catalina.UserDatabase/ /GlobalNamingResources and Engine Realm className=org.apache.catalina.realm.LockOutRealm Realm className=org.apache.catalina.realm.UserDatabaseRealm resourceName=UserDatabase/ /Realm Host../Host /Engine $CATALINA_HOME/conf.context.xml conatins Context WatchedResourceWEB-INF/web.xml/WatchedResource /Context Result: Login form is presented but login fails when valid credentials are used $CATALINA_HOME/logs/localhos.data.log contains: Oct 7, 2012 5:05:55 PM org.apache.catalina.realm.DataSourceRealm open SEVERE: Exception performing authentication javax.naming.NameNotFoundException: Name jdbc is not bound in this Context Note I suspect some issue with context.xml since tomcat did not copy it to $CATALINA_HOME/conf/localhost = Case 2: Using GlobalNamingResources and META-INF/context.xml META-INF/context.xml contains: Context MY REALM ELEMENT GOES HERE /Context $CATALINA_HOME/conf/server.xml contains: GlobalNamingResources Resource auth=Container description=User database that can be updated and saved factory=org.apache.catalina.users.MemoryUserDatabaseFactory name=UserDatabase pathname=conf/tomcat-users.xml type=org.apache.catalina.UserDatabase/ MY RESOURCE ELEMENT GOES HERE /GlobalNamingResources No changes to Engine or Host elements No change to $CATALINA_HOME/conf.context.xml conatins Result: Fails. Application's login form fails to display. tomcat7-stdout.date.log contains: Cannot get connection: javax.naming.NameNotFoundException: Name jdbc is not bound in this Context Note I suspect some issue with context.xml since tomcat did not copy it to $CATALINA_HOME/conf/localhost case 3: Using $CATALINA_HOME/conf/server.xml only: META-INF/context.xml : Does not exist. $CATALINA_HOME/conf/server.xml contains: GlobalNamingResources Resource auth=Container description=User database that can be updated and saved factory=org.apache.catalina.users.MemoryUserDatabaseFactory name=UserDatabase pathname=conf/tomcat-users.xml type=org.apache.catalina.UserDatabase/ MY RESOURCE ELEMENT GOES HERE /GlobalNamingResources and Engine Realm className=org.apache.catalina.realm.LockOutRealm Realm className=org.apache.catalina.realm.UserDatabaseRealm resourceName=UserDatabase/ MY REALM ELEMENT GOES HERE /Realm Host../Host /Engine No change to $CATALINA_HOME/conf.context.xml conatins Result: Same as result in case #2 == Case 4: Using $CATALINA_HOME/conf/server.xml only part II: Same as in case 3 above except that the REALM element goes inside the Host element: Engine Realm className=org.apache.catalina.realm.LockOutRealm Realm className=org.apache.catalina.realm.UserDatabaseRealm resourceName=UserDatabase/ /Realm Host MY REALM ELEMENT GOES HERE /Host /Engine No change to $CATALINA_HOME/conf.context.xml conatins META-INF/context.xml : Not used (does not exist) Result: Same as cases #2 and 3 above == Case 5: Using $CATALINA_HOME/conf/server.xml and $CATALINA_HOME/conf/context.xml Same as in case 3 above with another copy of resource element added to $CATALINA_HOME/conf/context.xml (in addition to the one in server.xml) $CATALINA_HOME/conf.context.xml conatins Context WatchedResourceWEB-INF/web.xml/WatchedResource MY RESOURCE ELEMENT GOES HERE /Context Result: SUCCESS. Login form is presented
Re: JDBCRealm conection timeout failure on getPassword
Comments inline. On 10/7/2012 3:31 PM, Aladin Dajani wrote: Hello Pid, I cannot dismiss that there may be inaccuracies as you mentioned in your response, perhaps you could help me figure them out. Here are the cases I tried (the first three were outlined in the wiki http://wiki.apache.org/tomcat/TomcatDataSourceRealms) MY REALM ELEMENT: Realm className=org.apache.catalina.realm.DataSourceRealm dataSourceName=jdbc/MyAppDB userTable=users userNameCol=username userCredCol=password userRoleTable=roles roleNameCol=rolename digest=digestname / MY RESOURCE ELEMENT: Resource name=jdbc/MyAppDB type=javax.sql.DataSource auth=Container driverClassName=com.mysql.jdbc.Driver maxActive=100 maxWait=1 maxIdle=30 password=password logAbandoned=true username=username removeAbandoned=true removeAbandonedTimeout=60 url=jdbc:mysql://localhost:3306/databasename / It might be nice to have a validation query here, so you know you're getting a connection to the database. Case 1: Everything in META-INF/context.xml META-INF/context.xml contains: Context MY RESOURCE ELEMENT GOES HERE MY REALM ELEMENT GOES HERE /Context Please note that you are missing a localDataSource=true in your Realm element of context.xml. This is required when both the Realm and the Resource are defined in context.xml. The Wiki mentions this, but maybe it's not prominent enough. $CATALINA_HOME/conf/server.xml contains: GlobalNamingResources Resource auth=Container description=User database that can be updated and saved factory=org.apache.catalina.users.MemoryUserDatabaseFactory name=UserDatabase pathname=conf/tomcat-users.xml type=org.apache.catalina.UserDatabase/ /GlobalNamingResources and Engine Realm className=org.apache.catalina.realm.LockOutRealm Realm className=org.apache.catalina.realm.UserDatabaseRealm resourceName=UserDatabase/ /Realm Host../Host /Engine $CATALINA_HOME/conf.context.xml conatins Context WatchedResourceWEB-INF/web.xml/WatchedResource /Context Result: Login form is presented but login fails when valid credentials are used $CATALINA_HOME/logs/localhos.data.log contains: Oct 7, 2012 5:05:55 PM org.apache.catalina.realm.DataSourceRealm open SEVERE: Exception performing authentication javax.naming.NameNotFoundException: Name jdbc is not bound in this Context Note I suspect some issue with context.xml since tomcat did not copy it to $CATALINA_HOME/conf/localhost = Case 2: Using GlobalNamingResources and META-INF/context.xml META-INF/context.xml contains: Context MY REALM ELEMENT GOES HERE /Context $CATALINA_HOME/conf/server.xml contains: GlobalNamingResources Resource auth=Container description=User database that can be updated and saved factory=org.apache.catalina.users.MemoryUserDatabaseFactory name=UserDatabase pathname=conf/tomcat-users.xml type=org.apache.catalina.UserDatabase/ MY RESOURCE ELEMENT GOES HERE /GlobalNamingResources No changes to Engine or Host elements No change to $CATALINA_HOME/conf.context.xml conatins Result: Fails. Application's login form fails to display. tomcat7-stdout.date.log contains: Cannot get connection: javax.naming.NameNotFoundException: Name jdbc is not bound in this Context Note I suspect some issue with context.xml since tomcat did not copy it to $CATALINA_HOME/conf/localhost case 3: Using $CATALINA_HOME/conf/server.xml only: META-INF/context.xml : Does not exist. $CATALINA_HOME/conf/server.xml contains: GlobalNamingResources Resource auth=Container description=User database that can be updated and saved factory=org.apache.catalina.users.MemoryUserDatabaseFactory name=UserDatabase pathname=conf/tomcat-users.xml type=org.apache.catalina.UserDatabase/ MY RESOURCE ELEMENT GOES HERE /GlobalNamingResources and Engine Realm className=org.apache.catalina.realm.LockOutRealm Realm className=org.apache.catalina.realm.UserDatabaseRealm resourceName=UserDatabase/ MY REALM ELEMENT GOES HERE /Realm Host../Host /Engine No change to $CATALINA_HOME/conf.context.xml conatins Result: Same as result in case #2 == Case 4: Using $CATALINA_HOME/conf/server.xml only part II: Same as in case 3 above except that the REALM element goes inside the Host element: Engine Realm className=org.apache.catalina.realm.LockOutRealm Realm className=org.apache.catalina.realm.UserDatabaseRealm resourceName=UserDatabase/ /Realm Host MY REALM ELEMENT GOES HERE /Host /Engine No change to $CATALINA_HOME/conf.context.xml conatins META-INF/context.xml : Not used (does not