tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rick Roberts <techi...@ait-web.com>
Subject Re: JDBC Realm Warning Message?
Date Tue, 08 Jul 2003 20:58:43 GMT
OK. The error message is gone now! Thanks.
It took me a few tries to figure out where the "<security-role>" needed 
to go but finally found it by trial and error.

STILL GETTING THIS ERROR THO:
"No Realm has been configured to authenticate against"

If I comment out the "UserDatabaseRealm", then I get the error, If I 
leave it in I don't get the error message, but my test app does not 
successfully log-in.

QUESTIONS:

1. Should my new JDBC Realm be located inside <Engine> or <Host> element?

2. Should I need to comment out the "UserDatabaseRealm" that is defined 
in the Tomcat sample "server.xml" file?

3. Where can I find detail information about how to set up "web.xml" and 
"server.xml"?

4. I found this piece of code in Ian McFarland's book.  Is this the 
correct way to do the login form?
<form method="POST" action='<%=response.encodeURL("j_security_check") %>'>


here is a snip from my server.xml file:
------------------------------------------------

<snip>
<!-- Define the top level container in our container hierarchy -->
<Engine name="Standalone" defaultHost="localhost" debug="0">

   <!-- Global logger unless overridden at lower levels -->
   <Logger className="org.apache.catalina.logger.FileLogger"
       prefix="catalina_log." suffix=".txt"
       timestamp="true"/>

<!-- Because this Realm is here, an instance will be shared globally -->

<!-- This Realm uses the UserDatabase configured in the global JNDI
      resources under the key "UserDatabase".  Any edits
      that are performed against this UserDatabase are immediately
      available for use by the Realm.  -->
<!--
      <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
          debug="0" resourceName="UserDatabase"/>
-->

<!-- Define the default virtual host -->
<Host name="localhost" debug="0" appBase="webapps"
   unpackWARs="true" autoDeploy="true">

     Realm className="org.apache.catalina.realm.JDBCRealm"
        connectionName="AI_DBA"
        connectionPassword="SUKHOI"
        connectionURL="jdbc:oracle:thin:@sukoi:1521:orcl"
        driverName="oracle.jdbc.driver.OracleDriver"
        userTable="REALM_USER"
        userNameCol="LOGIN"
        userCredCol="PASSWORD"
        userRoleTable="REALM_ROLE"
        roleNameCol="ROLE"
     />
</snip>


This is my web.xml now:
---------------------------------------------------------

<?xml version="1.0" encoding="ISO-8859-1"?>

<!DOCTYPE web-app
     PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
     "http://java.sun.com/j2ee/dtds/web-app_2_3.dtd">

<web-app>
   <security-constraint>
     <web-resource-collection>
       <web-resource-name>Protected Area</web-resource-name>
       <!-- Define the context-relative URL(s) to be protected -->
       <url-pattern>/*</url-pattern>
       <!-- Only methods listed will be protected -->
       <http-method>DELETE</http-method>
       <http-method>GET</http-method>
       <http-method>POST</http-method>
       <http-method>PUT</http-method>
       </web-resource-collection>
     <auth-constraint>
       <!-- Anyone with one of the listed roles may access this area -->
       <role-name>tomcat</role-name>
     </auth-constraint>
   </security-constraint>
   <login-config>
     <auth-method>FORM</auth-method>
     <realm-name>Form-Based Authentication Area</realm-name>
     <form-login-config>
       <form-login-page>/login.jsp</form-login-page>
       <form-error-page>/login_error.jsp</form-error-page>
     </form-login-config>
   </login-config>
   <security-role>
     <description>
       tomcat test role
     </description>
     <role-name>tomcat</role-name>
   </security-role>
</web-app>



here is my login.jsp file:
-----------------------------------------------------------
<%@page contentType="text/html"%>
<html>
<head>
<title>Login</title>
</head>
<body bgcolor="white">
<form method="POST" action='<%= response.encodeURL("j_security_check") %>'>
<table border="0" cellspcacing="5">
     <tr>
         <th align="right">Username:</th>
         <td align="left"<input type="text" name="j_username"></td>
     </tr>
     <tr>
         <th align="right">Password:</th>
         <td align="left"><input type="password" name="j_passsword"></td>
     </tr>
     <tr>
         <td align="right"><input type="submit" value="Log In"></td>
         <td align="left"><input type="reset"></td>
     </tr>
</table>
</body>
</html>


Thanks,

-- 
*******************************************
* Rick Roberts                            *
* Advanced Information Technologies, Inc. *
*******************************************


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message