in case no one noticed and it matters, web.xml has following typo in it, where resource is spelled "ressource": > > <web-ressource-collection> > > <web-ressource-name>test</web-ressource-name>
----- Original Message ----- From: "Adam Hardy" <[EMAIL PROTECTED]> To: "Tomcat Users List" <[EMAIL PROTECTED]> Sent: Tuesday, September 23, 2003 12:39 PM Subject: Re: JDBC Realm problems > Your config looks OK. Are you getting any errors logged when you try to > log on? > > On 09/23/2003 04:43 PM Laurent Perez wrote: > > Hello > > > > I am trying to protect a webapp I wrote using a JDBCRealm, but it > > doesn't seem to work as expected. I am using Tomcat 4.1.27, and > > Postgresql 7.3.2, with latest JDBC driver within $tomcat/common/lib. > > > > My realm is described as follows, in $tomcat/conf/server.xml : > > > > <Realm className="org.apache.catalina.realm.JDBCRealm" debug="99" > > driverName="org.postgresql.Driver" > > digest="md5" > > connectionURL="jdbc:postgresql://127.0.0.1/mydb" > > connectionName="mylogin" connectionPassword="mypass" > > userTable="pg_shadow" userNameCol="usename" userCredCol="passwd" > > userRoleTable="named_roles" roleNameCol="role" /> > > > > When I start Tomcat, I can see it connecting and idling to mydb, so JDBC > > driver works. Also 'mylogin' has read access on named_roles. > > > > My webapp is called 'test' and located within $tomcat/webapps/, its > > WEB-INF/web.xml is as follows : > > > > <?xml version="1.0" encoding="ISO-8859-1"?> > > > > <!DOCTYPE web-app > > PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN" > > "http://java.sun.com/j2ee/dtds/web-app_2.2.dtd";> > > > > <web-app> > > <security-constraint> > > <web-ressource-collection> > > <web-ressource-name>test</web-ressource-name> > > <url-pattern>/*</url-pattern> > > </web-ressource-collection> > > <auth-constraint> > > <role-name>myrole</role-name> > > </auth-constraint> > > </security-constraint> > > <login-config> > > <auth-method>BASIC</auth-method> > > <realm-name>test</realm-name> > > </login-config> > > <security-role> > > <role-name>myrole</role-name> > > </security-role> > > </web-app> > > > > The 'myrole' role is defined in my named_roles table, and I have several > > users under that role. I did add <security-role> tags because Tomcat > > would warn me about 'myrole' not being within <security-role> tags on > > startup. > > > > Now when I am trying to access http://localhost:8080/test, no > > authentication window pops up, I can access it freely, which shouldn't > > be correct (?). When I look at logs, I can see : > > 2003-09-23 14:14:52 ContextConfig[/test]: Configured an authenticator > > for method BASIC > > 2003-09-23 14:14:52 StandardManager[/test]: Seeding random number > > generator class java.security.SecureRandom > > 2003-09-23 14:14:52 StandardManager[/test]: Seeding of random number > > generator has been completed > > > > If BASIC auth method is activated, why isn't my browser showing up an > > auth window ? :-/ > > > > Also I know Postgres doesn't store md5 password files like > > md5_func(password), but instead md5_func(password+login), will it cause > > problems with Tomcat's digest=md5 behaviour ? > > > > Thanks for any help > > > > Laurent Perez > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > -- > struts 1.1 + tomcat 4.1.27 + java 1.4.2 > Linux 2.4.20 RH9 > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
