tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Adam Posner <cuco2...@gmail.com>
Subject Tomcat not recognizing my Login info ?
Date Sun, 06 Sep 2009 01:26:57 GMT
Hi,
I am wondering if I'm configuring my server.xml correctly. I have a DB
called trailsDB with
2 tables in it called users and user_roles:

| user_name | user_pass |
+-----------+-----------+
| buzz      | 999999    |
| cuco      | 777777    |
| tobi      | 111111    |
| jaclyn    | 666666    |
| tomcat    | 1111      |
+-----------+-----------+

+-----------+-----------+
| user_name | role_name |
+-----------+-----------+
| buzz      | admin     |
| cuco      | admin     |
| jaclyn    | guest     |
| tobi      | guest     |
+-----------+-----------+

I am using the DataSourceRealm with a server.xml as follows: (I've removed a
few non relevant
things to make it easier to read)

<?xml version='1.0' encoding='utf-8'?>


<Server port="8005" shutdown="SHUTDOWN">


  <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener"
/>
  <Listener
className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />

  <!-- Global JNDI resources
       Documentation at /docs/jndi-resources-howto.html
  -->
  <GlobalNamingResources>
    <!-- Editable user database that can also be used by
         UserDatabaseRealm to authenticate users
     -->

    <Resource name="UserDatabase" auth="Container"
              type="org.apache.catalina.UserDatabase"
              description="User database that can be updated and saved"
              factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
              pathname="conf/tomcat-users.xml" />

  </GlobalNamingResources>

  <Service name="Catalina">

    <Connector port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />
    <!-- A "Connector" using the shared thread pool-->

    <Engine name="Catalina" defaultHost="localhost">

      <!--For clustering, please take a look at documentation at:
          /docs/cluster-howto.html  (simple how to)
          /docs/config/cluster.html (reference documentation) -->


      <!-- This Realm uses the UserDatabase configured in the global JNDI
           resources under the key "UserDatabase".  Any edits
           that are performed against this UserDatabase are immediately
           available for use by the Realm.  -->

      <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
             resourceName="UserDatabase"/>

      <!-- Define the default virtual host
           Note: XML Schema validation will not work with Xerces 2.2.
       -->
      <Host name="localhost"  appBase="webapps"
            unpackWARs="true" autoDeploy="true"
            xmlValidation="false" xmlNamespaceAware="false">

      <Context path="/blurbV1"     docBase="blurbV1" reloadable="true">

      <Resource name="jdbc/trailsDB" auth="Container"
type="javax.sql.DataSource"
        driverClassName="com.mysql.jdbc.Driver"

url="jdbc:mysql://localhost:3306/trailsDB?user=buzz&amp;password=999999"
maxActive="8"/>

        <!-- 9/5: Removed these 2 lines from the Realm declatation as per
the docs ex.:
         driverName="com.mysql.jdbc.Driver"
        connectionURL="jdbc:mysql://localhost:3306/trailsDB"

         -->

    <Realm className="org.apache.catalina.realm.DataSourceRealm"
        dataSsourceName="jdbc/trailsDB"
        localDataSource="true"
        debug="99"
        userTable="users"
        userNameCol="user_name"
        userCredCol="user_pass"
        userRoleTable="user_roles"
        roleNameCol="role_name"
        />

      </Context>

      </Host>
    </Engine>
  </Service>
</Server>

I'm wondering if I need to be using the info defined in the resource element
with
the DataSourceRealm, or if that should be put somewhere else.

I'm using form based login, and when i attempt to access a protected
resource and try to login,
it doesnt recognize my credentials (for ex., this happens when I enter user
name 'buzz' and password '999999' at the login prompt on my Login.html. It
sends me to auth-error.html instead
when it should be granting me access.

Here is my web.xml:

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="
http://java.sun.com/xml/ns/javaee" xmlns:web="
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="
http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID"
version="2.5">
  <display-name>project-1c</display-name>
  <welcome-file-list>
    <welcome-file>index.html</welcome-file>
    <welcome-file>index.htm</welcome-file>
    <welcome-file>index.jsp</welcome-file>
    <welcome-file>default.html</welcome-file>
    <welcome-file>default.htm</welcome-file>
    <welcome-file>default.jsp</welcome-file>
  </welcome-file-list>
  <listener>
    <listener-class>
          com.buzz.TrailsAppServletContextListener
      </listener-class>
  </listener>
  <servlet>
    <description>find trails based on category </description>
    <display-name>TrailFinderServlet</display-name>
    <servlet-name>TrailFinderServlet</servlet-name>
    <servlet-class>com.buzz.finder.TrailFinderServlet</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>TrailFinderServlet</servlet-name>
    <url-pattern>/TrailFinderServlet</url-pattern>
  </servlet-mapping>
  <servlet>
    <description></description>
    <display-name>TrailReviewSubmitServlet</display-name>
    <servlet-name>TrailReviewSubmitServlet</servlet-name>
    <servlet-class>com.buzz.review.TrailReviewSubmitServlet</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>TrailReviewSubmitServlet</servlet-name>
    <url-pattern>/TrailReviewSubmitServlet</url-pattern>
  </servlet-mapping>
  <servlet>
    <description></description>
    <display-name>TrailReviewServlet</display-name>
    <servlet-name>TrailReviewServlet</servlet-name>
    <servlet-class>com.buzz.review.TrailReviewServlet</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>TrailReviewServlet</servlet-name>
    <url-pattern>/TrailReviewServlet</url-pattern>
  </servlet-mapping>
  <servlet>
    <description></description>
    <display-name>bikeFinderServlet</display-name>
    <servlet-name>bikeFinderServlet</servlet-name>
    <servlet-class>com.buzz.finder.bikeFinderServlet</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>bikeFinderServlet</servlet-name>
    <url-pattern>/bikeFinderServlet</url-pattern>
  </servlet-mapping>
  <servlet>
    <description></description>
    <display-name>BikeFinderServlet</display-name>
    <servlet-name>BikeFinderServlet</servlet-name>
    <servlet-class>com.buzz.finder.BikeFinderServlet</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>BikeFinderServlet</servlet-name>
    <url-pattern>/BikeFinderServlet</url-pattern>
  </servlet-mapping>
   <session-config>
      <session-timeout>10</session-timeout>
  </session-config>

  <security-role>
      <role-name>admin</role-name>
      <role-name>member</role-name>
      <role-name>guest</role-name>
  </security-role>



  <security-constraint>

    <web-resource-collection>

        <web-resource-name>UpdateTrails</web-resource-name>

        <url-pattern>/trailReviewNew.jsp</url-pattern>

        <http-method>GET</http-method>
        <http-method>POST</http-method>

    </web-resource-collection>

        <auth-constraint>
            <description>These are the roles who have access</description>
            <role-name>admin, member</role-name>
        </auth-constraint>

</security-constraint>

<login-config>
    <auth-method>FORM</auth-method>
    <realm-name>Tomcat Server Configuration Form-Based
        Authentication Area</realm-name>
    <form-login-config>
        <form-login-page>/Login.html</form-login-page>
        <form-error-page>/auth_error.html</form-error-page>
    </form-login-config>
        </login-config>


<resource-ref>
    <description>DB Connection</description>
    <res-ref-name>jdbc/trailsDB</res-ref-name>
    <res-type>javax.sql.DataSource</res-type>
    <res-auth>Container</res-auth>
</resource-ref>

</web-app>

Any ideas of what I coould be missing ? Thanks in advance,

Adam

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message