tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From John Holman <>
Subject Re: JNDIRealm login failure
Date Tue, 07 Jan 2003 14:37:51 GMT

Check whether the directory server is configured to time out idle 
connections. If so, the first attempt made by Tomcat to authenticate 
after a long enough period of inactivity will fail in the manner you 
describe. If this is the problem, you should find that after a second 
login attempt has succeeded other users can authenticate straight away - 
until the next long period of inactivity. You may be able fix the 
problem by disabling timeout on the directory server. (You don't say 
which directory server you are using).

Really there should be an option for JNDIRealm to check whether the 
connection is valid and reconnect if not before the authentication 
attempt is made. However its connection management is very basic!


Gil Chilton wrote:

>I have created a simple tomcat web app that uses a
>JNDIRealm for authentication per the instructions in
>the Tomcat 4.1 documentation.  When I start tomcat,
>the login process for this web app works fine for a
>few minutes or logins.
>Eventually, I reach a state where the first login
>always fails until I restart Tomcat.  Each failed
>login results in the following error in the logs:
>2003-01-06 14:33:35 JNDIRealm[Standalone]: Exception
>performing authentication
>javax.naming.CommunicationException.  Root exception
>is Connection reset
>    at
>    at
>    at
>    at
>    at
>    at
>If the user backs up and resubmits the login a second
>time, it works with no additional log entries.
>I have seen this on Tomcat 4.1.12 and now 4.1.18 with
>BASIC or FORM based authentication.  I have searched
>the web and mailing lists without a match.  The
>platform is RedHat Linux 7.3 or 8.0 with Sun's SDK
>1.4.1_01 installed.  Any ideas?
>Do you Yahoo!?
>Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
>To unsubscribe, e-mail:   <>
>For additional commands, e-mail: <>

To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message