Can anyone confirm that JDBCRealm is indeed working
using the Apache mod_webapp Connector only (ie. no
http standalone defined)?
The credentials strings are null within JDBCRealm and
from the RequestDumperValve.
Setup:
Apache httpd.conf excerpt:
==========================
WebAppConnection conn warp stove:8008
WebAppDeploy ctx1 conn /cntx
Catalina server.xml:
====================
<Server port="8005" shutdown="SHUTDOWN" debug="0">
<Service name="Tomcat-Apache">
<Connector
className="org.apache.catalina.connector.warp.WarpConnector"
port="8008" minProcessors="5" maxProcessors="75"
enableLookups="true"
acceptCount="10" debug="0"/>
<Engine defaultHost="stove"
className="org.apache.catalina.connector.warp.WarpEngine"
name="Apache" debug="0" appBase="webapps">
<Valve
className="org.apache.catalina.valves.RequestDumperValve"/>
<Realm
className="org.apache.catalina.realm.JDBCRealm"
debug="99"
driverName="COM.ibm.db2.jdbc.app.DB2Driver"
connectionURL="jdbc:db2:AuthDBName"
userTable="APPADMIN.USERINFO" userNameCol="userid"
userCredCol="password"
userRoleTable="APPADMIN.USER_ROLES"
roleNameCol="role_name"
connectionName="adminuser"
connectionPassword="adminuser"/>
<Host name="stove" debug="0" appBase="webapps"
unpackWARs="true">
<Valve
className="org.apache.catalina.authenticator.SingleSignOn"
debug="99"/>
<Logger
className="org.apache.catalina.logger.FileLogger"
prefix="apache_log." suffix=".txt"
timestamp="true"/>
<Valve
className="org.apache.catalina.valves.AccessLogValve"
directory="logs"
prefix="access_log." suffix=".txt"
pattern="common"/>
<Logger
className="org.apache.catalina.logger.FileLogger"
directory="logs" prefix="stove_log."
suffix=".txt"
timestamp="true"/>
<Context path="/cntx" docBase="cntx" debug="0"
reloadable="true">
<Logger
className="org.apache.catalina.logger.FileLogger"
prefix="wtc_context_log."
suffix=".txt"
timestamp="true"/>
<Environment name="maxExemptions"
type="java.lang.Integer"
value="15"/>
</Context>
</Host>
</Engine>
</Service>
</Server>
Application (/cntx/)web.xml:
============================
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE web-app
PUBLIC "-//Sun Microsystems, Inc.//DTD Web
Application 2.3//EN"
"http://java.sun.com/j2ee/dtds/web-app_2_3.dtd";>
<web-app>
<security-constraint>
<display-name>Authentication Area</display-name>
<web-resource-collection>
<web-resource-name>Protected
Area</web-resource-name>
<!-- Define the context-relative URL(s) to be
protected -->
<url-pattern>/*</url-pattern>
<!-- If you list http methods, only those methods
are protected -->
<http-method>DELETE</http-method>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<!-- Anyone with one of the listed roles may
access this area -->
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Restricted Application
Domain</realm-name>
</login-config>
</web-app>
__________________________________________________
Do You Yahoo!?
Make international calls for as low as $.04/minute with Yahoo! Messenger
http://phonecard.yahoo.com/
