tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dan Allen <...@mojavelinux.com>
Subject JDBCrealm drops user after manager reload
Date Tue, 01 Apr 2003 18:31:49 GMT
I am having a fairly painful problem here dealing with
authentication using the JDBCReam and container managed security.
In particular I am using securityfilter, but I seriously doubt that
this problem involves that application directly.

If I use the default SecurityRealm that comes with the security
filter application, which just manual sets the userInRole and
getRemoteUser information, I can reload the context over and over
and never drop the user.  When I use JDBCReam to handle users in a
database and I reload the context after logging in all the active
sessions loose their security principals and roles.  The thing is,
all the session data is still there, working as normal.  I get no
messages in the log files regarding a failure of any kind.

In short:

Why does a context reload kill the user principal information and
how can I fix it?

To duplication:

Grab securityfilter from securityfilter.sourceforge.net  Log in out
of the box, reload the context and view the securePage.jsp again.
No problem.  Now, change the realm to JDBCRealm, login, reload
the context and visit the securePage.jsp...aha, now it says you are
not logged in and takes you to the login page.

Dan

-- 
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
Daniel Allen, <dan@mojavelinux.com>
http://www.mojavelinux.com/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
"This is a test of the Emergency Broadcast System.  If this had 
been an actual emergency, do you really think we'd stick around 
to tell you?"
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message