Konstantin,

On 7/9/2015 10:39 PM, Konstantin Kolinko wrote:
> 2015-07-10 2:35 GMT+03:00 Mark Eggers
> <its_toas...@yahoo.com.invalid>:
>>
>> Folks,
>>
>> I seem to be having a problem trying to use form-based
>> authentication. What worked in 7.0.62 no longer works in 7.0.63.
>> Using 7.0.62 I can successfully authenticate in my toy
>> application and the latest version of Jenkins. Using 7.0.63 I end
>> up on the form error page in my toy application and the latest
>> version of Jenkins.
>>
>> I've not changed any of the configuration files. I run Tomcat
>> using $CATALINA_HOME and $CATALINA_BASE. To upgrade Tomcat, I
>> just install a new version and move some links around.
>>
>> Here is a rundown of my environment:
>>
> [....]
>
> How it fails? (Steps, maybe also Access Log output)

Steps to fail:

Use the following architecture:

Browser -- Apache HTTPD -- mod-jk -- Tomcat 7.0.63 -- Application

1. Access main page of application
2. Select the login link
3. Fill out the login form (username and password)
4. Click on the login button
5. Get the error login page

>
> Quick test with direct access to Tomcat and examples webapp =
> success.
> (http://localhost:8080/examples/jsp/security/protected/index.jsp)
>
> Possible areas to test: 1. httpd / mod_jk : Do you have failure
> with direct access to Tomcat ?
>

No, direct access to Tomcat 7.0.63 on port 8080 works as expected.

In other words:

Browser -- Tomcat 7.0.63 -- Application

works.

> 2. cookie / set-cookie headers e.g. see AccessLogValve
> configuration here:
> https://bz.apache.org/bugzilla/show_bug.cgi?id=57872#c0

Here's what I placed in the pattern attribute of the AccessLogValve
(all one line):

%a - - %t %m %U %H %s %B SessionId: %S Cookie received: %{cookie}i Set-Cookie sent: %{set-cookie}o

Here's the log output in the following scenario:

Browser -- Apache HTTPD -- mod-jk -- Tomcat 7.0.63 -- Application

192.168.0.250 - - [10/Jul/2015:01:19:39 -0700] GET /RPets HTTP/1.1 302 0 SessionId: - Cookie received: - Set-Cookie sent: -

192.168.0.250 - - [10/Jul/2015:01:19:39 -0700] GET /RPets/ HTTP/1.1 200 1595 SessionId: 38503E0B0A32A870DABE772453A5A553 Cookie received: JSESSIONID=38503E0B0A32A870DABE772453A5A553 Set-Cookie sent: -

192.168.0.250 - - [10/Jul/2015:01:19:43 -0700] GET /RPets/protected/personalize.jsp HTTP/1.1 304 0 SessionId: F1DCC3FDF2DD75F563A67430BA985287 Cookie received: JSESSIONID=38503E0B0A32A870DABE772453A5A553 Set-Cookie sent: JSESSIONID=F1DCC3FDF2DD75F563A67430BA985287; Path=/RPets/; HttpOnly

192.168.0.250 - - [10/Jul/2015:01:19:53 -0700] POST /RPets/protected/j_security_check HTTP/1.1 200 1111 SessionId: F1DCC3FDF2DD75F563A67430BA985287 Cookie received: JSESSIONID=F1DCC3FDF2DD75F563A67430BA985287 Set-Cookie sent: -

[ and the error page for a failed login is displayed ]

Here's the log output in the following scenario:

Browser -- Tomcat 7.0.63 -- Application

192.168.0.250 - - [10/Jul/2015:01:32:44 -0700] GET /RPets HTTP/1.1 302 0 SessionId: - Cookie received: - Set-Cookie sent: -

192.168.0.250 - - [10/Jul/2015:01:32:44 -0700] GET /RPets/ HTTP/1.1 200 1595 SessionId: F1DCC3FDF2DD75F563A67430BA985287 Cookie received: JSESSIONID=F1DCC3FDF2DD75F563A67430BA985287 Set-Cookie sent: -

192.168.0.250 - - [10/Jul/2015:01:32:47 -0700] GET /RPets/protected/personalize.jsp HTTP/1.1 200 1090 SessionId: 6E42788DECF5F96688EF7D51FC41EA0F Cookie received: JSESSIONID=F1DCC3FDF2DD75F563A67430BA985287 Set-Cookie sent: JSESSIONID=6E42788DECF5F96688EF7D51FC41EA0F; Path=/RPets/; HttpOnly

192.168.0.250 - - [10/Jul/2015:01:32:56 -0700] POST /RPets/protected/j_security_check HTTP/1.1 302 0 SessionId: 6E42788DECF5F96688EF7D51FC41EA0F Cookie received: JSESSIONID=6E42788DECF5F96688EF7D51FC41EA0F Set-Cookie sent: -

192.168.0.250 - - [10/Jul/2015:01:32:56 -0700] GET /RPets/protected/personalize.jsp HTTP/1.1 200 2405 SessionId: CC61312515FED5CF197475B41AA7B017 Cookie received: JSESSIONID=F1DCC3FDF2DD75F563A67430BA985287 Set-Cookie sent: JSESSIONID=CC61312515FED5CF197475B41AA7B017; Path=/RPets/; HttpOnly

192.168.0.250 - - [10/Jul/2015:01:32:57 -0700] GET /RPets/protected/css/pbasic.css HTTP/1.1 304 0 SessionId: CC61312515FED5CF197475B41AA7B017 Cookie received: JSESSIONID=CC61312515FED5CF197475B41AA7B017 Set-Cookie sent: -

[ login succeeds and the personalize.jsp page is displayed ]

Here's the log output in the following scenario:

Browser -- Apache HTTPD -- mod-jk -- Tomcat 7.0.62 -- Application

192.168.0.250 - - [10/Jul/2015:01:54:24 -0700] GET /RPets HTTP/1.1 302 0 SessionId: - Cookie received: - Set-Cookie sent: -

192.168.0.250 - - [10/Jul/2015:01:54:25 -0700] GET /RPets/ HTTP/1.1 200 1595 SessionId: - Cookie received: - Set-Cookie sent: -

192.168.0.250 - - [10/Jul/2015:01:54:29 -0700] GET /RPets/protected/personalize.jsp HTTP/1.1 304 0 SessionId: 11AD7E9AE579C904277AB59A8DAC0F58 Cookie received: - Set-Cookie sent: JSESSIONID=11AD7E9AE579C904277AB59A8DAC0F58; Path=/RPets/; HttpOnly

192.168.0.250 - - [10/Jul/2015:01:54:38 -0700] POST /RPets/protected/j_security_check HTTP/1.1 302 0 SessionId: 11AD7E9AE579C904277AB59A8DAC0F58 Cookie received: JSESSIONID=11AD7E9AE579C904277AB59A8DAC0F58 Set-Cookie sent: -

192.168.0.250 - - [10/Jul/2015:01:54:38 -0700] GET /RPets/protected/personalize.jsp HTTP/1.1 200 2405 SessionId: A2C819F6093F6E8A110BC656BADFF754 Cookie received: - Set-Cookie sent: JSESSIONID=A2C819F6093F6E8A110BC656BADFF754; Path=/RPets/; HttpOnly

192.168.0.250 - - [10/Jul/2015:01:54:38 -0700] GET /RPets/protected/css/pbasic.css HTTP/1.1 304 0 SessionId: A2C819F6093F6E8A110BC656BADFF754 Cookie received: JSESSIONID=A2C819F6093F6E8A110BC656BADFF754 Set-Cookie sent: -

[ login succeeds and the personalize.jsp page is displayed ]

>
> 3. Realm
>

Here's the Realm in context.xml:

<Context antiJARLocking="true">
  <Resource auth="Container"
            description="Pet authentication"
            driverClassName="com.mysql.jdbc.Driver"
            maxActive="10"
            maxIdle="3"
            maxWait="10000"
            name="jdbc/auth"
            password="foopasswd"
            type="javax.sql.DataSource"
            url="jdbc:mysql://localhost/petauth"
            username="foouser"
            validationQuery="SELECT 1"/>
  <Realm className="org.apache.catalina.realm.DataSourceRealm"
         dataSourceName="jdbc/auth"
         localDataSource="true"
         roleNameCol="rolename"
         userCredCol="password"
         userNameCol="username"
         userRoleTable="roles"
         userTable="users"/>
</Context>

> Best regards, Konstantin Kolinko

Thanks,

/mde/
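A way to read traces written with the AccessLogValve pattern quoted in the message above, added here as an example and not code from the thread or from Tomcat: it parses each line, reports requests where the JSESSIONID cookie presented differs from the SessionId logged, and reports the status of each j_security_check POST. The names `parse` and `review` and the shortened session IDs in the sample are assumptions made for this example.

```python
import re

# Layout of the pattern attribute quoted in the message:
# %a - - %t %m %U %H %s %B SessionId: %S Cookie received: ... Set-Cookie sent: ...
LINE_RE = re.compile(
    r'^(?P<addr>\S+) - - \[(?P<time>[^\]]+)\] (?P<method>\S+) (?P<uri>\S+) '
    r'(?P<proto>\S+) (?P<status>\d{3}) (?P<size>\S+) SessionId: (?P<sid>\S+) '
    r'Cookie received: (?P<cookie>.*?) Set-Cookie sent: (?P<set_cookie>.*)$')
JSESSIONID_RE = re.compile(r'JSESSIONID=([0-9A-Fa-f]+)')

def jsessionid(header):
    """Return the JSESSIONID value found in a header string, or None."""
    m = JSESSIONID_RE.search(header)
    return m.group(1) if m else None

def parse(line):
    """Split one access log line into a dict; None if it does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec['status'] = int(rec['status'])
    rec['sid'] = None if rec['sid'] == '-' else rec['sid']
    rec['cookie_sid'] = jsessionid(rec['cookie'])      # what the client presented
    rec['issued_sid'] = jsessionid(rec['set_cookie'])  # what the server handed out
    return rec

def review(lines):
    """Return (uri, note) pairs for session switches and login POST outcomes."""
    notes = []
    for rec in filter(None, map(parse, lines)):
        if rec['cookie_sid'] and rec['sid'] and rec['cookie_sid'] != rec['sid']:
            notes.append((rec['uri'], 'cookie %s presented, session %s used'
                          % (rec['cookie_sid'], rec['sid'])))
        if rec['method'] == 'POST' and rec['uri'].endswith('/j_security_check'):
            # In the traces above, working logins answer 302 and the failing one 200.
            kind = 'redirect' if rec['status'] == 302 else 'no redirect'
            notes.append((rec['uri'], 'login POST: %s (%d)' % (kind, rec['status'])))
    return notes

# Constructed sample modelled on the failing mod_jk trace; session IDs shortened.
P = '192.168.0.250 - - [10/Jul/2015:01:19:%s -0700] '
SAMPLE = [
    P % '39' + 'GET /RPets HTTP/1.1 302 0 SessionId: - Cookie received: - Set-Cookie sent: -',
    P % '43' + 'GET /RPets/protected/personalize.jsp HTTP/1.1 304 0 SessionId: BBBB0002 '
    'Cookie received: JSESSIONID=AAAA0001 '
    'Set-Cookie sent: JSESSIONID=BBBB0002; Path=/RPets/; HttpOnly',
    P % '53' + 'POST /RPets/protected/j_security_check HTTP/1.1 200 1111 SessionId: BBBB0002 '
    'Cookie received: JSESSIONID=BBBB0002 Set-Cookie sent: -',
]

if __name__ == '__main__':
    for uri, note in review(SAMPLE):
        print(uri, '->', note)
```

Running the same review over the direct-access and 7.0.62 traces makes the three scenarios comparable line by line.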