Manager app authentication not working with JDBCRealm

Wed, 19 Mar 2008 15:47:28 -0700

I can't get the manager app working with authentication using JDBCRealm, even though I've configured it identically to an app I developed that uses the same JDBCRealm instance successfully. In both cases, the app requires a user with role "manager", and the same authentication setup works for my app but not for manager.
I have the following in the file %catalina_home%\webapps\manager\WEB-INF\web.xml (and also in the web.xml for my custom app) 

<security-constraint>
- <#> <web-resource-collection>
 <web-resource-name>HTMLManger and Manager command</web-resource-name>
 <url-pattern>/jmxproxy/*</url-pattern>
 <url-pattern>/html/*</url-pattern>
 <url-pattern>/list</url-pattern>
 <url-pattern>/expire</url-pattern>
 <url-pattern>/sessions</url-pattern>
 <url-pattern>/start</url-pattern>
 <url-pattern>/stop</url-pattern>
 <url-pattern>/install</url-pattern>
 <url-pattern>/remove</url-pattern>
 <url-pattern>/deploy</url-pattern>
 <url-pattern>/undeploy</url-pattern>
 <url-pattern>/reload</url-pattern>
 <url-pattern>/save</url-pattern>
 <url-pattern>/serverinfo</url-pattern>
 <url-pattern>/status/*</url-pattern>
 <url-pattern>/roles</url-pattern>
 <url-pattern>/resources</url-pattern>
 </web-resource-collection>
- <#> <auth-constraint>
 <role-name>manager</role-name>
 </auth-constraint>
 </security-constraint>
- <!--


Define the Login Configuration for this Application 


 -->
- <#> <login-config>
 <auth-method>DIGEST</auth-method>
 <realm-name>JDBCRealm</realm-name>
 </login-config>
- <!--


Security roles referenced by this web application 


 -->
- <#> <security-role>

 <description>The role that is required to log in to the Manager 
Application</description>

 <role-name>manager</role-name>
 </security-role>

And I have the following in server.xml


<Realm className="*org.apache.catalina.realm.JDBCRealm*" debug="*99*" 
driverName="*com.mysql.jdbc.Driver*" 
connectionURL="*jdbc:mysql:///Tomcat_Realm*" connectionName="*xxxx*" 
connectionPassword="xxxxxxxx" userTable="*users*" 
userNameCol="*user_name*" userCredCol="*user_pass*" 
userRoleTable="*user_roles*" roleNameCol="*role_name*" digest="*MD5*" />



I give the same credentials when accessing my custom app and the manager 
app. In the former case, I am granted access; in the latter case, 
authentication fails (I am prompted to re-enter the credentials). I can 
access manager with no problem if I remove the <security-constraint> 
from web.xml or if I use the UserDatabaseRealm shipped with Tomcat, 
after putting the proper entry into tomcat-users.xml. But after adding 
my JDCRealm descriptor entry, I can no longer authenticate successfully 
using UserDatabaseRealm.



Should manager be able to work with JDBCRealm? If not, how can I make it 
work with userDatabaseRealm while other apps are using JDBCRealm?


-Mark

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]























					Reply via email to