tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From exkor <exkor5...@gmail.com>
Subject Re: URL is "null" and HTTP 404 error when using FROM authentication
Date Sat, 14 Jun 2008 14:33:43 GMT
Hi Chuck

Thanks alot for this last bit about the query for the roles, it
actually made me realize what was wrong. The digest algorithm i used
to initialize my users table was different from the digest algorithm
used by tomcat. This is very surprising I've never seen encountered
something like that in the past. The algorith I used was from
www.md5oogle.com, so apperently they are using some different
encoding...

So I've changed the global sever.xml config and i see this in MySQL logs:
080614  9:57:35	    118 Connect     root@localhost on hamula
		    118 Query       /* mysql-connector-java-5.1.6 ( Revision:
${svn.Revision} ) */SHOW VARIABLES WHERE Variable_name ='language' OR
Variable_name = 'net_write_timeout' OR Variable_name =
'interactive_timeout' OR Variable_name = 'wait_timeout' OR
Variable_name = 'character_set_client' OR Variable_name =
'character_set_connection' OR Variable_name = 'character_set' OR
Variable_name = 'character_set_server' OR Variable_name =
'tx_isolation' OR Variable_name = 'transaction_isolation' OR
Variable_name = 'character_set_results' OR Variable_name = 'timezone'
OR Variable_name = 'time_zone' OR Variable_name = 'system_time_zone'
OR Variable_name = 'lower_case_table_names' OR Variable_name =
'max_allowed_packet' OR Variable_name = 'net_buffer_length' OR
Variable_name = 'sql_mode' OR Variable_name = 'query_cache_type' OR
Variable_name = 'query_cache_size' OR Variable_name = 'init_connect'
080614  9:57:54	    118 Query       SELECT password FROM users WHERE
uid = 'test@hamula.org'
		    118 Query       commit
		    118 Query       SELECT role FROM users WHERE uid = 'test@hamula.org'
		    118 Query       commit

And it actually lets me through when i try to login into the manager.

The problem im having right now (which i beleave is relatively simple)
is that my app doesn't connect to the DB. I configured server.xml back
to use MemoryRealm because i want only the app to use the DB. Then
I've changed my apps context.xml to this:
<?xml version="1.0" encoding="UTF-8"?>

<Context path="/hamula" docBase="hamula"
        debug="5" reloadable="true" crossContext="true">

    <Resource name="jdbc/hamula"
              auth="Container"
              type="javax.sql.DataSource"
              driverClassName="com.mysql.jdbc.Driver"
              url="jdbc:mysql://localhost:3306/hamula?autoReconnect=true"/>
              username="root"
              password="skywalker"
	      digest="MD5"
	      userTable="users"
	      userNameCol="uid"
              userCredCol="password"
              userRoleTable="users"
	      roleNameCol="role"
              logAbandoned="true"
              removeAbandoned="true"
              removeAbandonedTimeout="10"
              maxActive="20"
              maxIdle="10"
              maxWait="-1"/>

</Context>

And my web.xml to this:
<web-app>
    <display-name>Hamula</display-name>
    <distributable/>

    <welcome-file-list>
	<welcome-file>
                  home.jsp
        </welcome-file>
    </welcome-file-list>


    <resource-ref>
        <description>DB Connection</description>
        <res-ref-name>jdbc/hamula</res-ref-name>
        <res-type>javax.sql.DataSource</res-type>
        <res-auth>Container</res-auth>
    </resource-ref>

    <security-constraint>
        <web-resource-collection>
            <web-resource-name>Hamula</web-resource-name>
            <description>Pages accessible by registered users</description>

            <!-- PAGES ACCESIBLE ONLY BY REGISTERED USERS SHOULD BE
ADDED HERE -->
            <url-pattern>/home.jsp</url-pattern>
            <url-pattern>/events.jsp</url-pattern>
            <url-pattern>/profile.jsp</url-pattern>
            <url-pattern>/community.jsp</url-pattern>
            <!--
            THIS IS AN EXAMPLE OF A PATTERN TO MATCH MANY PAGES
            <url-pattern>/protected/*.jsp</url-pattern>
       -->
            <!--
============================================================= -->

            <http-method>GET</http-method>
            <http-method>POST</http-method>
        </web-resource-collection>
        <auth-constraint>
            <role-name>admin</role-name>
            <role-name>manager</role-name>
        </auth-constraint>
    </security-constraint>

    <login-config>
        <auth-method>FORM</auth-method>
        <form-login-config>
            <form-login-page>/index.jsp</form-login-page>
            <form-error-page>/index.jsp</form-error-page>
        </form-login-config>
    </login-config>

    <security-role>
        <description>
            The role that is required to access registered user functions and
            pages
        </description>
        <role-name>admin</role-name>
        <role-name>manager</role-name>
    </security-role>
</web-app>

I don't see any attempt for a connection in the mysql logs... very weird...
Do I need to define some global naming for the DB connection?


Thanks
-Assaf

On Sat, Jun 14, 2008 at 7:55 AM, Caldarale, Charles R
<Chuck.Caldarale@unisys.com> wrote:
>> From: exkor [mailto:exkor5000@gmail.com]
>> Subject: Re: URL is "null" and HTTP 404 error when using FROM
>> authentication
>
> It's good that you're starting from a clean install.
>
>> MySQL logs indicate the the connector has connected to the database
>> and quering the right table + fields:
>
> Except there's no query for the role, indicating that either the uid is not found or
the password check fails.  The MySQL logs should show the responses to the queries; do those
look correct?
>
>  - Chuck
>
>
> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and
is thus for use only by the intended recipient. If you received this in error, please contact
the sender and delete the e-mail and its attachments from all computers.
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message