Re: JNDIRealm login failure

Tue, 07 Jan 2003 06:39:33 -0800

Gil

Check whether the directory server is configured to time out idle connections. If so, the first attempt made by Tomcat to authenticate after a long enough period of inactivity will fail in the manner you describe. If this is the problem, you should find that after a second login attempt has succeeded other users can authenticate straight away - until the next long period of inactivity. You may be able fix the problem by disabling timeout on the directory server. (You don't say which directory server you are using).

Really there should be an option for JNDIRealm to check whether the connection is valid and reconnect if not before the authentication attempt is made. However its connection management is very basic!

John.


Gil Chilton wrote:

I have created a simple tomcat web app that uses a
JNDIRealm for authentication per the instructions in
the Tomcat 4.1 documentation. When I start tomcat,
the login process for this web app works fine for a
few minutes or logins.

Eventually, I reach a state where the first login
always fails until I restart Tomcat. Each failed
login results in the following error in the logs:
2003-01-06 14:33:35 JNDIRealm[Standalone]: Exception
performing authentication
javax.naming.CommunicationException. Root exception
is java.net.SocketException: Connection reset
at
java.net.SocketInputStream.read(SocketInputStream.java:168)
at
java.io.BufferedInputStream.fill(BufferedInputStream.java:183)
at
java.io.BufferedInputStream.read1(BufferedInputStream.java:222)
at
java.io.BufferedInputStream.read(BufferedInputStream.java:277)
at
com.sun.jndi.ldap.Connection.run(Connection.java:779)
at java.lang.Thread.run(Thread.java:536)

If the user backs up and resubmits the login a second
time, it works with no additional log entries.

I have seen this on Tomcat 4.1.12 and now 4.1.18 with
BASIC or FORM based authentication. I have searched
the web and mailing lists without a match. The
platform is RedHat Linux 7.3 or 8.0 with Sun's SDK
1.4.1_01 installed. Any ideas?

Thanks

__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com

--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>



--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Reply via email to