tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Madere, Colin" <colin.mad...@ieminc.com>
Subject RE: JDBC Realm problems
Date Wed, 24 Sep 2003 22:58:03 GMT
I think your problem is that /* does not match on the end of the URL you are
requesting.  I know this is kind of screwy, I've had LOTS of fun with Tomcat
Realms :)  "/*" will match for "/test/*" (since you are within the "test"
application) not the root of the server.  Try just "*" in the auth config or
put a index.html in the /test/ dir and try "/test/index.html" and see if you
then get the auth dialog.  Then you'll know if that's the problem.

-----Original Message-----
From: Paul [mailto:paul@msci.ca] 
Sent: Tuesday, September 23, 2003 4:06 PM
To: Tomcat Users List
Subject: Re: JDBC Realm problems


in case no one noticed and it matters, web.xml has following typo in it,
where resource is spelled "ressource":
> >   <web-ressource-collection>
> >     <web-ressource-name>test</web-ressource-name>


----- Original Message ----- 
From: "Adam Hardy" <ahardy.struts@cyberspaceroad.com>
To: "Tomcat Users List" <tomcat-user@jakarta.apache.org>
Sent: Tuesday, September 23, 2003 12:39 PM
Subject: Re: JDBC Realm problems


> Your config looks OK. Are you getting any errors logged when you try 
> to log on?
>
> On 09/23/2003 04:43 PM Laurent Perez wrote:
> > Hello
> >
> > I am trying to protect a webapp I wrote using a JDBCRealm, but it 
> > doesn't seem to work as expected. I am using Tomcat 4.1.27, and 
> > Postgresql 7.3.2, with latest JDBC driver within $tomcat/common/lib.
> >
> > My realm is described as follows, in $tomcat/conf/server.xml :
> >
> > <Realm  className="org.apache.catalina.realm.JDBCRealm" debug="99"
> >         driverName="org.postgresql.Driver"
> >         digest="md5"
> >         connectionURL="jdbc:postgresql://127.0.0.1/mydb"
> >         connectionName="mylogin" connectionPassword="mypass"
> >         userTable="pg_shadow" userNameCol="usename" userCredCol="passwd"
> >         userRoleTable="named_roles" roleNameCol="role" />
> >
> > When I start Tomcat, I can see it connecting and idling to mydb, so 
> > JDBC driver works. Also 'mylogin' has read access on named_roles.
> >
> > My webapp is called 'test' and located within $tomcat/webapps/, its 
> > WEB-INF/web.xml is as follows :
> >
> > <?xml version="1.0" encoding="ISO-8859-1"?>
> >
> > <!DOCTYPE web-app
> >     PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN"
> >     "http://java.sun.com/j2ee/dtds/web-app_2.2.dtd">
> >
> > <web-app>
> >   <security-constraint>
> >   <web-ressource-collection>
> >     <web-ressource-name>test</web-ressource-name>
> >     <url-pattern>/*</url-pattern>
> >   </web-ressource-collection>
> >   <auth-constraint>
> >     <role-name>myrole</role-name>
> >   </auth-constraint>
> >   </security-constraint>
> >   <login-config>
> >   <auth-method>BASIC</auth-method>
> >   <realm-name>test</realm-name>
> >   </login-config>
> >   <security-role>
> >     <role-name>myrole</role-name>
> >   </security-role>
> > </web-app>
> >
> > The 'myrole' role is defined in my named_roles table, and I have 
> > several users under that role. I did add <security-role> tags 
> > because Tomcat would warn me about 'myrole' not being within 
> > <security-role> tags on startup.
> >
> > Now when I am trying to access http://localhost:8080/test, no 
> > authentication window pops up, I can access it freely, which 
> > shouldn't be correct (?). When I look at logs, I can see : 
> > 2003-09-23 14:14:52 ContextConfig[/test]: Configured an 
> > authenticator for method BASIC 2003-09-23 14:14:52 
> > StandardManager[/test]: Seeding random number generator class 
> > java.security.SecureRandom 2003-09-23 14:14:52 
> > StandardManager[/test]: Seeding of random number generator has been 
> > completed
> >
> > If BASIC auth method is activated, why isn't my browser showing up 
> > an auth window ? :-/
> >
> > Also I know Postgres doesn't store md5 password files like 
> > md5_func(password), but instead md5_func(password+login), will it 
> > cause problems with Tomcat's digest=md5 behaviour ?
> >
> > Thanks for any help
> >
> > Laurent Perez
> >
> >
> >
> > --------------------------------------------------------------------
> > -
> > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> >
> >
>
> --
> struts 1.1 + tomcat 4.1.27 + java 1.4.2
> Linux 2.4.20 RH9
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Mime
View raw message