tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rick Fincher" <>
Subject Re: jdbc realm + form authenication setup
Date Mon, 29 Apr 2002 18:58:49 GMT
Hi Julie,

In your web.xml file if you specify auth-method FORM you have to give it two
form names like so:

You only use realm-name if you are using the BASIC authentication scheme.

You have to provide the pages for form-login and form-error.  In the login
page you must have a form with action j_security_check, like so.

  <form name="login" method="post" action="j_security_check">

That form has to have a field called j_username and another called

Does your Sybase driver info work without security?  Also you may not want
to digest your passwords until you get everything else working to eliminate
that as the source of the error.

To get details on setting up the web.xmlfile and server.xml files download
the Servlet 2.3 specification from

It's fairly short and is in pdf format.

Hope this helps,


----- Original Message -----
From: <>
To: <>
Sent: Monday, April 29, 2002 11:48 AM
Subject: jdbc realm + form authenication setup

> Hello
> I have been unable to set up jdbc realm with form authenication method.  I
> have the jsp, the server.xml and web.xml files configured but it doesn't
> work - I am missing sometime but have not found a good resource to explain
> exactly what this is.  Does anybody have an example/know of a good
> resource?   Using Tomcat 4.0 and Sybase.
> in server.xml
> <Realm className="org.apache.catalina.realm.JDBCRealm" debug="99"
> driverName="com.sybase.jdbc2.jdbc.SybDriver" digest="digest" connectionURL
> ="jdbc:sybase:Tds:server:port/db?user=user&amp;password=user" userTable="
> userTable" userNameCol="nameTable" userCredCol="user_pswd" userRoleTable="
> roles" roleNameCol="roleName"/>
> in web.xml
> security-constraint>
>   <web-resource-collection>
>      <web-resource-name>Configuration</web-resource-name>
>      <!-- Define the context-relative URL(s) to be protected -->
>      <url-pattern>/assistant</url-pattern>
>   </web-resource-collection>
>   <auth-constraint>
>      <!-- Anyone with one of the listed roles may access this area -->
>      <role-name>operate</role-name>
>   </auth-constraint>
> </security-constraint>
> <login-config>
>   <auth-method>FORM</auth-method>
>   <realm-name>EBasic Authentication Area</realm-name>
> </login-config>
> Thanks
> Julie
> This communication is for informational purposes only.  It is not intended
> an offer or solicitation for the purchase or sale of any financial
> or as an official confirmation of any transaction. All market prices, data
> and other information are not warranted as to completeness or accuracy and
> are subject to change without notice. Any comments or statements made
> do not necessarily reflect those of J.P. Morgan Chase & Co., its
> subsidiaries and affiliates.
> --
> To unsubscribe:   <>
> For additional commands: <>
> Troubles with the list: <>

To unsubscribe:   <>
For additional commands: <>
Troubles with the list: <>

View raw message