Re: Security Newbie - Need Help

Luke Thu, 10 Feb 2005 04:03:22 -0800

Hi;

Here is the roles table:


mysql> select * from roles;
+-----------+
| role_name |
+-----------+
| admin     |
+-----------+
1 row in set (0.02 sec)

I noticed I did have a mistake in the realm declaration in my server.xml. I
had the wrong user table name. That is fixed this but still have the
problem:

      <Realm  className="org.apache.catalina.realm.JDBCRealm" debug="99"
        driverName="org.gjt.mm.mysql.Driver"

connectionURL="jdbc:mysql://localhost/tomcatusers?user=user&amp;password=pas
sword"
        userTable="users" userNameCol="user_name"
        userCredCol="user_pass" userRoleTable="user_roles"
roleNameCol="role_name" />

I also changed my security declaration to have a realm-name in the login
config:

<!-- security -->
<security-constraint>
<web-resource-collection>
<web-resource-name>fw</web-resource-name>
<url-pattern>*.do</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>fw</realm-name>
</login-config>
</security-constraint>

The error is (which appears without a login window first allowing me to
authenticate):


HTTP Status 403 - Configuration error: Cannot perform access control without
an authenticated principal
type Status report
message Configuration error: Cannot perform access control without an
authenticated principal
description Access to the specified resource (Configuration error: Cannot
perform access control without an authenticated principal) has been
forbidden.
Apache Tomcat/5.0.28


Thanks,

Luke

----- Original Message ----- 
From: "LERBSCHER Jean-Pierre" <[EMAIL PROTECTED]>
To: "'Tomcat Users List'" <tomcat-user@jakarta.apache.org>
Sent: Thursday, February 10, 2005 12:27 AM
Subject: RE : Security Newbie - Need Help


> Hi,
> Could you verify  that you have declared your admin role in the web.xml
> file.
>     <security-role>
>       <role-name>admin</role-name>
>     </security-role>
>
> -----Message d'origine-----
> De : Luke [mailto:[EMAIL PROTECTED]
> Envoyé : jeudi 10 février 2005 07:33
> À : Tomcat Users List
> Objet : Security Newbie - Need Help
>
>
> Hi;
>
> I am trying to install a security realm for my application. I am expecting
a
> browser login window. But instead I get:
>
>  HTTP Status 403 - Configuration error: Cannot perform access control
> without an authenticated principal
> type Status report
> message Configuration error: Cannot perform access control without an
> authenticated principal
> description Access to the specified resource (Configuration error: Cannot
> perform access control without an authenticated principal) has been
> forbidden.
> Apache Tomcat/5.0.28
>
> Why I am not getting the login window?
>
> Here is the web.xml in project root/WEB-INF
>
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>fw</web-resource-name>
> <url-pattern>*.do</url-pattern>
> <http-method>POST</http-method>
> </web-resource-collection>
> <auth-constraint>
> <role-name>admin</role-name>
> </auth-constraint>
> <login-config>
> <auth-method>BASIC</auth-method>
> </login-config>
> </security-constraint>
>
>
>  <Realm  className="org.apache.catalina.realm.JDBCRealm" debug="99"
>         driverName="org.gjt.mm.mysql.Driver"
>
>
connectionURL="jdbc:mysql://localhost/applicationusers?user=user&amp;passwor
> d=password"
>         userTable="applicationusers" userNameCol="user_name"
>         userCredCol="user_pass" userRoleTable="user_roles"
> roleNameCol="role_name" />
>
> The table structure was created using the following sql:
>
> create table users (
>   user_name         varchar(15) not null primary key,
>   user_pass         varchar(15) not null
>
> );
>
> create table user_roles (
>   user_name         varchar(15) not null,
>   role_name         varchar(15) not null,
>   primary key (user_name, role_name)
> );
>
> How can I trouble shoot this? The log doesn't show anything. Any tips
would
> be great.
>
> Thanks,
>
> Luke
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Security Newbie - Need Help

Reply via email to