I'm trying to do the basic setup of this and failing. I had this working
under Tomcat 3.2 a year ago or so and don't know what I'm missing this time.
OS: WinNT
Tomcat: 3.3.1 (also tried 3.3a prior to upgrading)
DB: SQLServer
I'm doing the simple one in "server.xml" (not the context one) and followed
all the directions and even used my old 'web.xml' security configuration to
be sure I was doing it right. Problem is, I never see the "JDBCRealm
connected" like I used to 3.2 when Tomcat starts, NOR anything related when
the page is accessed, nor am I prompted for authentication. Basically it
looks like Tomcat is ignoring all my settings with respect to JDBCRealms.
When setting the debug lvl to "10", I do get this upon startup:
2002-04-17 17:02:47 - LogEvents: addInterceptor
org.apache.tomcat.modules.aaa.JDBCRealm@3ca5f1
but nothing when the page is accessed.
Here are the relevent sections of my server.xml and web.xml, respectively:
(server.xml)
<JDBCRealm
debug="99"
driverName="com.microsoft.jdbc.sqlserver.SQLServerDriver"
connectionURL="jdbc:microsoft:sqlserver://DBServer:1433;user=bob;password=th
ing;database=WebLogin;SelectMethod=cursor"
userTable="users"
userNameCol="username"
userCredCol="userpass"
userRoleTable="userroles"
roleNameCol="rolename" />
(web.xml)
<security-constraint>
<web-resource-collection>
<web-resource-name>Resume System</web-resource-name>
<url-pattern>/ResumeSystem/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>employee</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Basic Authentication Area</realm-name>
</login-config>
(also tried these web.xml entries)
<security-constraint>
<web-resource-collection>
<web-resource-name>ResumeSystem</web-resource-name>
<url-pattern>/ResumeSystem/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>employee</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>IEM Web</realm-name>
</login-config>
<security-role>
<role-name>employee</role-name>
</security-role>
NOTE:
Servlets work, JDBC connection works
Searched the archives but nothing helped.
Colin Madere
P.S. I apologize for any formatting madness, Outlook hid my "Plain Text"
option and company policy dictates email client :(
--
To unsubscribe: <mailto:[EMAIL PROTECTED]>
For additional commands: <mailto:[EMAIL PROTECTED]>
Troubles with the list: <mailto:[EMAIL PROTECTED]>