Yes, I tried that too, but had the same problem. If I had put this in the server.xml file I would never have seen the problem. The fact I'm putting in the META-INF/context.xml file and am doing an "ant deploy" to send it via http is causing the problem. Turns out you've got to encode that stupid ampersand.
This works: connectionURL="jdbc:mysql://localhost/authority?user=dbuser&password=dbpass" Thanks for the help. Perhaps someone else will benfit from my discovery. This should be in a FAQ somewhere. Jim. "Shapira, Yoav" wrote: > > Howdy, > I'm surprised JDBCRealm even gets you that far. You should use <Realm > as the document says: > <Realm className="org.apache.catalina.realm.JDBCRealm" debug="99" > driverName="org.gjt.mm.mysql.Driver" > > connectionURL="jdbc:mysql://localhost/authority?user=dbuser&password=dbp > ass" > userTable="users" userNameCol="user_name" userCredCol="user_pass" > userRoleTable="user_roles" roleNameCol="role_name"/> > > The document I'm referring to is: > http://jakarta.apache.org/tomcat/tomcat-4.1-doc/realm-howto.html#JDBCRea > lm > > Yoav Shapira > Millennium ChemInformatics > > >-----Original Message----- > >From: Jim Lynch [mailto:[EMAIL PROTECTED] > >Sent: Thursday, June 19, 2003 4:20 PM > >To: Tomcat Users List > >Subject: Re: Can <JDBCrealm ... be in META-INF/context.xml file? > > > >Thanks, I'm making progress. I found samples of three different > >versions of the "realm" descriptor. > > > ><JDBCRealm ... <realm ... and <Realm > > > ><JDBCRealm and <Realm both behave the same. When I use them with: > >connectionURL="jdbc:mysql://localhost/authority?user=jim&password=jim" > >I get an error message upon deployment: > >FAIL - Encountered exception java.io.IOException: > >org.xml.sax.SAXParseException: The reference to entity "password" must > >end with the ';' delimiter. > > > >Adding a ; to the end of the password doesn't help. However changing > it > >to: > >connectionURL="jdbc:mysql://localhost/authority?user=jim;password=jim" > >does fix the problem, however when I attempt to log in, it fails. > >There are no entries in the mysql.log file so I'm pretty sure it isn't > >actually getting logged in. > > > >Here is part of the localhost_log.2003-06-19.txt file: > > > >I apologize for the wrap... > > > > > >2003-06-19 16:02:09 StandardWrapper[/resources:default]: Loading > >container servlet default > >2003-06-19 16:02:09 StandardWrapper[/resources:invoker]: Loading > >container servlet invoker > >2003-06-19 16:02:09 StandardContext[/resources]: Starting completed > >2003-06-19 16:02:31 Authenticator[/resources]: Security checking > request > >GET /resources > >2003-06-19 16:02:31 Authenticator[/resources]: Checking constraint > >'SecurityConstraint[resources]' against GET --> true > >2003-06-19 16:02:31 Authenticator[/resources]: Subject to constraint > >SecurityConstraint[resources] > >2003-06-19 16:02:31 Authenticator[/resources]: Calling checkUserData() > >2003-06-19 16:02:31 Authenticator[/resources]: User data constraint > >has no restrictions > >2003-06-19 16:02:31 Authenticator[/resources]: Calling authenticate() > >2003-06-19 16:02:31 Authenticator[/resources]: Failed authenticate() > >test > >2003-06-19 16:02:31 Authenticator[/resources]: Security checking > request > >GET /resources > >2003-06-19 16:02:31 Authenticator[/resources]: Checking constraint > >'SecurityConstraint[resources]' against GET --> true > >2003-06-19 16:02:31 Authenticator[/resources]: Subject to constraint > >SecurityConstraint[resources] > >2003-06-19 16:02:31 Authenticator[/resources]: Calling checkUserData() > >2003-06-19 16:02:31 Authenticator[/resources]: User data constraint > >has no restrictions > >2003-06-19 16:02:31 Authenticator[/resources]: Calling authenticate() > >2003-06-19 16:02:31 Authenticator[/resources]: Failed authenticate() > >test > >2003-06-19 16:02:33 Authenticator[/resources]: Security checking > request > >GET /resources > >2003-06-19 16:02:33 Authenticator[/resources]: Checking constraint > >'SecurityConstraint[resources]' against GET --> true > >2003-06-19 16:02:33 Authenticator[/resources]: Subject to constraint > >SecurityConstraint[resources] > >2003-06-19 16:02:33 Authenticator[/resources]: Calling checkUserData() > >2003-06-19 16:02:33 Authenticator[/resources]: User data constraint > >has no restrictions > >2003-06-19 16:02:33 Authenticator[/resources]: Calling authenticate() > >2003-06-19 16:02:33 Authenticator[/resources]: Failed authenticate() > >test > > > > > > > > > >I can't find anything in the log as a result of the debug setting in > the > ><realm . Here's my whole context.xml file: > > > ><Context className="org.apache.catalina.core.StandardContext" > >cachingAllowed="true" > >charsetMapperClass="org.apache.catalina.util.CharsetMapper" > > cookies="true" crossContext="false" debug="9" > > displayName="resources" > >docBase="/usr/local/jakarta-tomcat-4.1.24/webapps/resources" > >mapperClass="org.apache.catalina.core.StandardContextMapper" > > path="/resources" privileged="false" reloadable="false" > > swallowOutput="false" useNaming="true" > >wrapperClass="org.apache.catalina.core.StandardWrapper"> > > > > <JDBCRealm classname="org.apache.catalina.realm.JDBCRealm" > >debug="9" driverName="org.gjt.mm.mysql.Driver" > > > >connectionURL="jdbc:mysql://localhost/authority?user=jim&password=jim" > > userTable="users" > > userNameCol="user_name" > > userCredCol="user_pass" > > userRoleTable="user_roles" roleNameCol="role_name" /> > > </Context> > > > >Anyone see what might be wrong? > > > > > >I've logged into the mysql database with the user/pw and accessed the > >tables so I'm sure that is working. Besides, if he attempted to log > in, > >it would show up in the mysql.log. The application I'm trying to > >protect is accessing mysql fine, so I know the .jar file is working. > > > >THanks, > >Jim. > > > >"Shapira, Yoav" wrote: > >> > >> Howdy, > >> As the Realm configuration document says: > >> > >> "You may nest a Realm inside any Catalina container Engine, Host, or > >> Context). In addition, Realms associated with an Engine or a Host are > >> automatically inherited by lower-level containers, unless explicitly > >> overridden." > >> > >> So yes to your first (subject line) question. > >> > >> >Next question. Once I've got it there, what do I have to do to > >> >1. For a login for the app. > >> >2. After the user has logged in, how do I get his role? > >> > > > >--------------------------------------------------------------------- > >To unsubscribe, e-mail: [EMAIL PROTECTED] > >For additional commands, e-mail: [EMAIL PROTECTED] > > This e-mail, including any attachments, is a confidential business communication, > and may contain information that is confidential, proprietary and/or privileged. > This e-mail is intended only for the individual(s) to whom it is addressed, and may > not be saved, copied, printed, disclosed or used by anyone else. If you are not > the(an) intended recipient, please immediately delete this e-mail from your computer > system and notify the sender. Thank you. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
