Hi;
Here is the roles table:
mysql> select * from roles;
+-----------+
| role_name |
+-----------+
| admin |
+-----------+
1 row in set (0.02 sec)
I noticed I did have a mistake in the realm declaration in my server.xml. I
had the wrong user table name. That is fixed this but still have the
problem:
<Realm className="org.apache.catalina.realm.JDBCRealm" debug="99"
driverName="org.gjt.mm.mysql.Driver"
connectionURL="jdbc:mysql://localhost/tomcatusers?user=user&password=pas
sword"
userTable="users" userNameCol="user_name"
userCredCol="user_pass" userRoleTable="user_roles"
roleNameCol="role_name" />
I also changed my security declaration to have a realm-name in the login
config:
<!-- security -->
<security-constraint>
<web-resource-collection>
<web-resource-name>fw</web-resource-name>
<url-pattern>*.do</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>fw</realm-name>
</login-config>
</security-constraint>
The error is (which appears without a login window first allowing me to
authenticate):
HTTP Status 403 - Configuration error: Cannot perform access control without
an authenticated principal
type Status report
message Configuration error: Cannot perform access control without an
authenticated principal
description Access to the specified resource (Configuration error: Cannot
perform access control without an authenticated principal) has been
forbidden.
Apache Tomcat/5.0.28
Thanks,
Luke
----- Original Message -----
From: "LERBSCHER Jean-Pierre" <[EMAIL PROTECTED]>
To: "'Tomcat Users List'" <[email protected]>
Sent: Thursday, February 10, 2005 12:27 AM
Subject: RE : Security Newbie - Need Help
> Hi,
> Could you verify that you have declared your admin role in the web.xml
> file.
> <security-role>
> <role-name>admin</role-name>
> </security-role>
>
> -----Message d'origine-----
> De : Luke [mailto:[EMAIL PROTECTED]
> Envoy� : jeudi 10 f�vrier 2005 07:33
> � : Tomcat Users List
> Objet : Security Newbie - Need Help
>
>
> Hi;
>
> I am trying to install a security realm for my application. I am expecting
a
> browser login window. But instead I get:
>
> HTTP Status 403 - Configuration error: Cannot perform access control
> without an authenticated principal
> type Status report
> message Configuration error: Cannot perform access control without an
> authenticated principal
> description Access to the specified resource (Configuration error: Cannot
> perform access control without an authenticated principal) has been
> forbidden.
> Apache Tomcat/5.0.28
>
> Why I am not getting the login window?
>
> Here is the web.xml in project root/WEB-INF
>
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>fw</web-resource-name>
> <url-pattern>*.do</url-pattern>
> <http-method>POST</http-method>
> </web-resource-collection>
> <auth-constraint>
> <role-name>admin</role-name>
> </auth-constraint>
> <login-config>
> <auth-method>BASIC</auth-method>
> </login-config>
> </security-constraint>
>
>
> <Realm className="org.apache.catalina.realm.JDBCRealm" debug="99"
> driverName="org.gjt.mm.mysql.Driver"
>
>
connectionURL="jdbc:mysql://localhost/applicationusers?user=user&passwor
> d=password"
> userTable="applicationusers" userNameCol="user_name"
> userCredCol="user_pass" userRoleTable="user_roles"
> roleNameCol="role_name" />
>
> The table structure was created using the following sql:
>
> create table users (
> user_name varchar(15) not null primary key,
> user_pass varchar(15) not null
>
> );
>
> create table user_roles (
> user_name varchar(15) not null,
> role_name varchar(15) not null,
> primary key (user_name, role_name)
> );
>
> How can I trouble shoot this? The log doesn't show anything. Any tips
would
> be great.
>
> Thanks,
>
> Luke
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
