Hi; Here is the roles table:
mysql> select * from roles; +-----------+ | role_name | +-----------+ | admin | +-----------+ 1 row in set (0.02 sec) I noticed I did have a mistake in the realm declaration in my server.xml. I had the wrong user table name. That is fixed this but still have the problem: <Realm className="org.apache.catalina.realm.JDBCRealm" debug="99" driverName="org.gjt.mm.mysql.Driver" connectionURL="jdbc:mysql://localhost/tomcatusers?user=user&password=pas sword" userTable="users" userNameCol="user_name" userCredCol="user_pass" userRoleTable="user_roles" roleNameCol="role_name" /> I also changed my security declaration to have a realm-name in the login config: <!-- security --> <security-constraint> <web-resource-collection> <web-resource-name>fw</web-resource-name> <url-pattern>*.do</url-pattern> <http-method>POST</http-method> <http-method>GET</http-method> </web-resource-collection> <auth-constraint> <role-name>admin</role-name> </auth-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>fw</realm-name> </login-config> </security-constraint> The error is (which appears without a login window first allowing me to authenticate): HTTP Status 403 - Configuration error: Cannot perform access control without an authenticated principal type Status report message Configuration error: Cannot perform access control without an authenticated principal description Access to the specified resource (Configuration error: Cannot perform access control without an authenticated principal) has been forbidden. Apache Tomcat/5.0.28 Thanks, Luke ----- Original Message ----- From: "LERBSCHER Jean-Pierre" <[EMAIL PROTECTED]> To: "'Tomcat Users List'" <tomcat-user@jakarta.apache.org> Sent: Thursday, February 10, 2005 12:27 AM Subject: RE : Security Newbie - Need Help > Hi, > Could you verify that you have declared your admin role in the web.xml > file. > <security-role> > <role-name>admin</role-name> > </security-role> > > -----Message d'origine----- > De : Luke [mailto:[EMAIL PROTECTED] > Envoyé : jeudi 10 février 2005 07:33 > À : Tomcat Users List > Objet : Security Newbie - Need Help > > > Hi; > > I am trying to install a security realm for my application. I am expecting a > browser login window. But instead I get: > > HTTP Status 403 - Configuration error: Cannot perform access control > without an authenticated principal > type Status report > message Configuration error: Cannot perform access control without an > authenticated principal > description Access to the specified resource (Configuration error: Cannot > perform access control without an authenticated principal) has been > forbidden. > Apache Tomcat/5.0.28 > > Why I am not getting the login window? > > Here is the web.xml in project root/WEB-INF > > <security-constraint> > <web-resource-collection> > <web-resource-name>fw</web-resource-name> > <url-pattern>*.do</url-pattern> > <http-method>POST</http-method> > </web-resource-collection> > <auth-constraint> > <role-name>admin</role-name> > </auth-constraint> > <login-config> > <auth-method>BASIC</auth-method> > </login-config> > </security-constraint> > > > <Realm className="org.apache.catalina.realm.JDBCRealm" debug="99" > driverName="org.gjt.mm.mysql.Driver" > > connectionURL="jdbc:mysql://localhost/applicationusers?user=user&passwor > d=password" > userTable="applicationusers" userNameCol="user_name" > userCredCol="user_pass" userRoleTable="user_roles" > roleNameCol="role_name" /> > > The table structure was created using the following sql: > > create table users ( > user_name varchar(15) not null primary key, > user_pass varchar(15) not null > > ); > > create table user_roles ( > user_name varchar(15) not null, > role_name varchar(15) not null, > primary key (user_name, role_name) > ); > > How can I trouble shoot this? The log doesn't show anything. Any tips would > be great. > > Thanks, > > Luke > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]