tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tim Funk <funk...@joedog.org>
Subject Re: JDBCRealm through a firewall
Date Thu, 13 Nov 2003 15:21:12 GMT
I think 4.1.29's JDBCRealm tried to reconnect on failure.

-Tim

Holger de Wall wrote:

> BITTE DURCHSEHEN
> 
> our firewall (Cisco PIX 506) seems to be the reason for a 'java.sql.Exception'  
> given by the JDBCRealm:
> ---------------------------------------------------------------------------------------------------
> 2003-11-13 09:46:28 JDBCRealm[<dmz.domain>]: Exception performing 
> authentication
> java.sql.SQLException: System or internal error
> ...
> ---------------------------------------------------------------------------------------------------
> The Tomcat 4.1.24 with our webapplication stays on the DMZ outside the 
> firewall. The Database (the server for our JDBCRealm) stays behind the 
> firewall, which let pass the TCP-Requests through the Port 'myport', we set in 
> the 
> 'connectionURL'.
> <Realm   className="org.apache.catalina.realm.JDBCRealm"
>    debug="99"  driverName="com.informix.jdbc.IfxDriver"
> connectionURL="jdbc:informix-sqli://<ip-address-inside>:<myport>/upload:informixserver=<myserver>"
>    connectionName="tomcat"
>    connectionPassword="tomcat"
>    userTable="users"
>    userNameCol="user_name"
>    userCredCol="user_pass"
>    userRoleTable="user_roles"
>    roleNameCol="role_name" />
> 
> If the Servlet-Engine on the DMZ don't get any authentication-requests for 
> about one hour, the Cisco Pix doesn't detect any traffic on this established 
> connection. Therefore (security reasons) the Pix kills the Realm-Connection 
> from the DMZ to the Database, what is the only reason for a broken and 
> unusable JDBCRealm.
> 
> How can we force the Servlet-Engine to establish a new Realm-Connection  to 
> the Database without a restarting the complete Tomcat-Server ? 
> 
>  
> Holger de Wall
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message