tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Erik Rumppe <erum...@library.berkeley.edu>
Subject Form Authentication Issues
Date Wed, 27 Aug 2008 19:25:20 GMT
Hello All,

After getting a response yesterday about BASIC authentication and being 
told to switch to FORM based authentication, I've been trying to do this 
for quite awhile and I can get FORM authentication to work sometimes on 
test applications but I can never get it to work on a real application.  
I get the login screen correctly but then everytime I try to log in I 
get the Error page.  HELP!!!!  Here is my server.xml file:

<?xml version="1.0" encoding="UTF-8"?>
<Context docBase="/data/_b/TestSite" path="/TestSite">
  Resource name="jdbc/lostAndFoundDB" auth="Container"
        maxActive="100" maxIdle="30" maxWait="10000"
        username="[left blank]" password="[left blank]"
        driverClassName="com.mysql.jdbc.Driver"
        url="jdbc:mysql://localhost:3306/lostAndFound?autoReconnect=true"
        logAbandoned="true" removeAbandoned="true"
        removeAbandonedTimeout="60" type="javax.sql.DataSource" />

  <Realm className="org.apache.catalina.realm.JDBCRealm" debug="99"
     driverName="com.mysql.jdbc.Driver"
     connectionURL="jdbc:mysql://localhost:3306/lostAndFound?user=[left 
blank]&amp;password=[left blank]"
     userTable="UserPass" userNameCol="Username" userCredCol="Password"
     userRoleTable="UserRole" roleNameCol="Rolename" />
</Context>

Currently I am trying to use the JDBCRealm but I have also tried this 
using the DataSourceRealm and get the exact same results.  For 
information purposes here is my web.xml file also:

<?xml version="1.0" encoding="ISO-8859-1"?>

<web-app id="WebApp_ID" version="2.4"
    xmlns="http://java.sun.com/xml/ns/j2ee"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee 
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">

    <display-name>Test Site</display-name>

    <context-param>
        <param-name>javax.servlet.jsp.jstl.fmt.localizationContext 
</param-name>
        <param-value>messages</param-value>
    </context-param>

    <servlet>
        <servlet-name>vraptor2</servlet-name>
        <servlet-class>org.vraptor.VRaptorServlet</servlet-class>
        <load-on-startup>1</load-on-startup>
    </servlet>

    <servlet-mapping>
        <servlet-name>vraptor2</servlet-name>
        <url-pattern>*.logic</url-pattern>
    </servlet-mapping>
   
    <!-- Define Velocity template compiler -->
    <servlet>
      <servlet-name>velocity</servlet-name>
      <servlet-class>
         org.apache.velocity.tools.view.servlet.VelocityViewServlet
      </servlet-class>
    </servlet>

    <!-- Map *.vm files to Velocity -->
    <servlet-mapping>
      <servlet-name>velocity</servlet-name>
      <url-pattern>*.vm</url-pattern>
    </servlet-mapping>

        <servlet>
                <servlet-name>CookieUtil</servlet-name>
                <servlet-class>logic.CookieUtil</servlet-class>
        </servlet>

        <servlet-mapping>
                <servlet-name>CookieUtil</servlet-name>
                <url-pattern>/cookieutil</url-pattern>
        </servlet-mapping>
   
    <!-- Database connection information for connection pooling
    <res-ref-name>jdbc/testSite</res-ref-name>-->
    <res-ref-name>jdbc/lostAndFoundDB</res-ref-name>

    <security-role>
        <description>Lost and Found Admin</description>
        <role-name>lfadmin</role-name>
    </security-role>
    <security-role>
        <description>Lost and Found Staff</description>
        <role-name>lfstaff</role-name>
    </security-role>   
    <security-role>
        <description>Lost and Found User</description>
        <role-name>lfuser</role-name>
    </security-role>

     <security-constraint>
        <web-resource-collection>
            <web-resource-name>Protected Area</web-resource-name>
            <url-pattern>/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>lfuser</role-name>
        </auth-constraint>
    </security-constraint>

     <security-constraint>
        <web-resource-collection>
            <web-resource-name>Protected Area</web-resource-name>
            <url-pattern>/update.form.logic</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>lfstaff</role-name>
        </auth-constraint>
    </security-constraint>

     <security-constraint>
        <web-resource-collection>
            <web-resource-name>Protected Area</web-resource-name>
            <url-pattern>/itemupdate.insert.logic</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>lfstaff</role-name>
        </auth-constraint>
    </security-constraint>

     <security-constraint>
        <web-resource-collection>
            <web-resource-name>Protected Area</web-resource-name>
            <url-pattern>/insert.form.logic</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>lfstaff</role-name>
        </auth-constraint>
    </security-constraint>

     <security-constraint>
        <web-resource-collection>
            <web-resource-name>Protected Area</web-resource-name>
            <url-pattern>/admin.edit.logic</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>lfadmin</role-name>
        </auth-constraint>
    </security-constraint>

     <security-constraint>
        <web-resource-collection>
            <web-resource-name>Protected Area</web-resource-name>
            <url-pattern>/admin.editterms.logic</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>lfadmin</role-name>
        </auth-constraint>
    </security-constraint>

     <security-constraint>
        <web-resource-collection>
            <web-resource-name>Protected Area</web-resource-name>
            <url-pattern>/admin.manage.logic</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>lfadmin</role-name>
        </auth-constraint>
    </security-constraint>

     <security-constraint>
        <web-resource-collection>
            <web-resource-name>Protected Area</web-resource-name>
            <url-pattern>/admin.olditems.logic</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>lfadmin</role-name>
        </auth-constraint>
    </security-constraint>

     <security-constraint>
        <web-resource-collection>
            <web-resource-name>Protected Area</web-resource-name>
            <url-pattern>/admin/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>lfadmin</role-name>
        </auth-constraint>
    </security-constraint>

    <login-config>
        <auth-method>FORM</auth-method>
        <form-login-config>
            <form-login-page>/login.vm</form-login-page>
            <form-error-page>/error.html</form-error-page>
        </form-login-config>
    </login-config>
   
    <welcome-file-list>
        <welcome-file>index.vm</welcome-file>
    </welcome-file-list>
</web-app>


I do have the correct table names and columns in my lostAndFound 
database and I am using the j_security_check with the j_username and 
j_password in my login.vm file.  I am using Tomcat6 with VRaptor and 
Velocity frameworks.  If anyone can help me I would love it!  I'm 
starting to lose my mind!!!!  I've been trying to get this to work with 
FORMs for over a month now.

Thanks,
Erik Rumppe
PA II
University of California, Berkeley - LSO

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message