tomcat-users mailing list archives

From David Smith <d...@cornell.edu>
Subject Re: RHEL, mysql 4.1.9 tomcat 5028, form authentication login failure.
Date Thu, 27 Jan 2005 12:59:35 GMT
Or grant privileges on the database to 'x'@'localhost' and 
'x'@'localhost.localdomain'.  Then give both accounts the same 
password.  It won't matter which one mysql sees because they'll both work. 

For the record, mysql does a reverse lookup of the host and makes that 
part of the credentials matching it up with the host field in the 
mysql.user table.  I suppose you could use 'x'@'localhost%', but what's 
to stop some fool from naming his system 'localhost-spoof.mydomain.com' 
and attempting a hack.

--David

Pawson, David wrote:

>After chasing for a day, a nasty arose I thought
>others might like to know of.
>
>rhel has /etc/hosts localhost entry as
>
>127.0.0.1   localhost.localdomain localhost
>
>
>If you use form authentication, with server.xml entries such as
>
><Realm  className="org.apache.catalina.realm.JDBCRealm" 
>	      debug="0"  
>	      driverName="com.mysql.jdbc.Driver"
>	      connectionURL="jdbc:mysql://localhost/tcusers"
>	      connectionName="tomcat" 
>	      connectionPassword="shhhh"
>	      userTable="x" 
>	      userNameCol="y" 
>	      userCredCol="z"
> 
>	      />
>
>
>
>then the connection is most likely to fail, not allowed, mysql error indicating
>that this user is invalid as tomcat@localhost
>
>reverse the /etc/hosts entry such that localhost is found first
>and it works.
>
>127.0.0.1    localhost localhost.localdomain
>
>Sheesh.
>
>
>
>regards DaveP.
>
>** snip here **
>
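
The host-matching concern raised in the reply above, as an added example that is not part of the original message or of MySQL's code: it checks which client host names a given `Host` value from `mysql.user` would admit. It assumes a simplified model of the matching (only the `%` and `_` wildcards, compared case-insensitively), and the function names and sample host names are constructed for illustration.

```python
import re


def host_pattern_to_regex(pattern):
    """Translate a mysql.user Host value into a regex.

    Simplified model (assumption): '%' matches any run of characters,
    '_' matches exactly one character, everything else is literal.
    """
    parts = []
    for ch in pattern:
        if ch == "%":
            parts.append(".*")
        elif ch == "_":
            parts.append(".")
        else:
            parts.append(re.escape(ch))
    return re.compile("".join(parts), re.IGNORECASE)


def host_matches(pattern, client_host):
    """True if the whole client host name is covered by the Host pattern."""
    return host_pattern_to_regex(pattern).fullmatch(client_host) is not None


def audit(host_patterns, client_hosts):
    """Map each Host pattern to the client host names it would admit."""
    return {
        p: [h for h in client_hosts if host_matches(p, h)]
        for p in host_patterns
    }


# Constructed sample data: names the server could see after a reverse lookup.
CLIENT_HOSTS = [
    "localhost",
    "localhost.localdomain",
    "localhost-spoof.mydomain.com",
]
# The two exact accounts suggested in the reply, and the wildcard it warns about.
HOST_PATTERNS = ["localhost", "localhost.localdomain", "localhost%"]

if __name__ == "__main__":
    for pattern, admitted in audit(HOST_PATTERNS, CLIENT_HOSTS).items():
        print(f"'x'@'{pattern}' admits: {admitted}")
```

The two exact entries each admit one name, while `localhost%` also admits the look-alike host, which is why the reply prefers two explicit accounts over the wildcard.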
