Hi all, I am trying to use JDBCRealm to store user login information in an oracle database. I am working on a Windows2000 machine, using jdk1.4, and Tomcat4.0.4.
In server.xml, i have this configuration: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ <Realm className="org.apache.catalina.realm.JDBCRealm" debug="99" driverName="oracle.jdbc.driver.OracleDriver" connectionURL="jdbc:oracle:thin:usr/pass@host:1521:ORCL" userTable="users" userNameCol="user_name" userCredCol="user_pass" userRoleTable="user_roles" roleNameCol="role_name" digest="MD5" /> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ In an Oracle8i database, i have a table called "users" which has two columns named "user_name" and "user_pass" ; and yet another one called "user_roles" with to columns named "user_name" and "user_role". When i store user passwords in cleartext, everything works fine. I want to store passwords in a digested form. So, i have used the following code to store a user_name : baris, user_pass : aksu and user_role : director. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ import org.apache.catalina.realm.RealmBase; import java.io.*; import java.sql.*; public class DigestDene { public static void main(String[] args) { try { String username = args[0]; String password = args[1]; String role = args[2]; String digested = RealmBase.Digest(password, "MD5"); //Here, code that connects to the database /* ...... */ stmt.executeUpdate("insert into users values('" + username + "', '" + digested + "')"); stmt.executeUpdate("insert into user_roles values ('" + username + "', '" + role + "')"); } catch(Exception ex) {} } } ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Then, i have inserted my user's info from the command-line with : ^^^^^^^^^^^^^^^^^^^^^^^^^^ java DigestDene baris aksu director ^^^^^^^^^^^^^^^^^^^^^^^^^^^ After this, I have these values in the database : (in table users) USER_NAME USER_PASS --------------- ------------------------ baris 394e654ca65973f232653fb0008c603d (in table user_roles) USER_NAME USER_ROLE ------------------- --------- baris director Lastly, in web.xml i have these lines : ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ <security-constraint> <web-resource-collection> <web-resource-name>Protected Basla Servlet </web-resource-name> <url-pattern>/servlet/IlkGirisServlet </url-pattern> </web-resource-collection> <auth-constraint> <role-name>director</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>NONE</transport-guarantee> </user-data-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> </login-config> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ When i try to acces my protected resource, i am presented with the classic login screen for BASIC authentication, and after i type "baris" for username and "aksu" for password, Tomcat doesn't simply let me in. Any suggestions or comments will be greatly appreciated. Baris..... __________________________________________________ Do You Yahoo!? Yahoo! Finance - Get real-time stock quotes http://finance.yahoo.com -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>