tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alan Chandler <a...@chandlerfamily.org.uk>
Subject Still failing authentication - need help on how to Debug
Date Tue, 01 Nov 2005 20:07:58 GMT
I am still struggling to get tomcat to authenticate access to my application.  

As a starting point I am trying to use BASIC authentication with the 
DataSource Realm (basically because I can check the query SQL)

Whatever I do the user is presented with the authentication dialog box, but 
this authentication ALWAYS fails.

Any way, as can be seen from the logs I am doing an authenticate test and 
failing.

But thats not suprising when you look at the SQL that is being requested.  The 
username is null

Why? 

I can't see how I have anything wrong in server.xml - otherwise the postgres 
query would not have happened.  I can't see what I could possibly have wrong 
in my web.xml as this does not even mention username!.

Nevertheless - here is my web.xml is below



How can I get further info that would be helpful in debugging this?



===============================famtree log (from tomcat4)
2005-11-01 19:53:00 famtree: init
2005-11-01 19:54:29 Authenticator[/famtree]: Security checking request 
GET /famtree/app
2005-11-01 19:54:29 Authenticator[/famtree]:   Checking constraint 
'SecurityConstraint[Famtree Application]' against GET /app --> true
2005-11-01 19:54:29 Authenticator[/famtree]:  Subject to constraint 
SecurityConstraint[Famtree Application]
2005-11-01 19:54:29 Authenticator[/famtree]:  Calling checkUserData()
2005-11-01 19:54:29 Authenticator[/famtree]:   User data constraint has no 
restrictions
2005-11-01 19:54:29 Authenticator[/famtree]:  Calling authenticate()
2005-11-01 19:54:30 Authenticator[/famtree]:  Failed authenticate() test
roo:/var/log/tomcat4# 

=========================postgres.log    

2005-11-01 19:54:30 [3756] LOG:  duration: 0.283 ms  statement: set 
client_encoding = 'UNICODE'
2005-11-01 19:54:30 [3756] LOG:  duration: 5.291 ms  statement: SELECT 
password FROM users WHERE name = null

===========================web.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 
2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app id="WebApp_ID">
        <display-name>Family Tree Manager</display-name>

  <filter>
    <filter-name>redirect</filter-name>
    <filter-class>org.apache.tapestry.RedirectFilter</filter-class>
  </filter>

  <filter-mapping>
    <filter-name>redirect</filter-name>
    <url-pattern>/</url-pattern>
  </filter-mapping>

  <servlet>
    <servlet-name>famtree</servlet-name>
    <servlet-class>org.apache.tapestry.ApplicationServlet</servlet-class>
    <load-on-startup>0</load-on-startup>
  </servlet>

        <servlet-mapping>
        <servlet-name>famtree</servlet-name>
        <url-pattern>/app</url-pattern>
        </servlet-mapping>
        <servlet-mapping>
        <servlet-name>famtree</servlet-name>
        <url-pattern>*.page</url-pattern>
        </servlet-mapping>
        <servlet-mapping>
                <servlet-name>famtree</servlet-name>
                <url-pattern>*.do</url-pattern>
        </servlet-mapping>

        <servlet-mapping>
                <servlet-name>famtree</servlet-name>
                <url-pattern>*.sdo</url-pattern>
        </servlet-mapping>
        <servlet-mapping>
                <servlet-name>famtree</servlet-name>
                <url-pattern>*.svc</url-pattern>
        </servlet-mapping>
        <servlet-mapping>
                <servlet-name>famtree</servlet-name>
                <url-pattern>/assets/*</url-pattern>
        </servlet-mapping>
  <session-config>
        <session-timeout>15</session-timeout>
  </session-config>

        <welcome-file-list>
                <welcome-file>index.html</welcome-file>
                <welcome-file>index.htm</welcome-file>
                <welcome-file>index.jsp</welcome-file>
                <welcome-file>default.html</welcome-file>
                <welcome-file>default.htm</welcome-file>
                <welcome-file>default.jsp</welcome-file>
        </welcome-file-list>

        <resource-ref>
                <description>Family Tree Database</description>
                <res-ref-name>jdbc/family_tree</res-ref-name>
                <res-type>javax.sql.DataSource</res-type>
                <res-auth>Container</res-auth>
                <res-sharing-scope>Shareable</res-sharing-scope>
        </resource-ref>
        <security-constraint>
                <web-resource-collection>
                        <web-resource-name>Famtree 
Application</web-resource-name>
                        <url-pattern>/*</url-pattern>
                </web-resource-collection>
                <auth-constraint>
                        <role-name>family</role-name>
                </auth-constraint>
        </security-constraint>
        <login-config>
                <auth-method>BASIC</auth-method>
                <realm-name>Family Member</realm-name>
        </login-config>
        <security-role>
                <role-name>family</role-name>
        </security-role>

</web-app>
 

-- 
Alan Chandler
http://www.chandlerfamily.org.uk
Open Source. It's the difference between trust and antitrust.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message