tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Eggers <its_toas...@yahoo.com>
Subject Re: connection autoReconnect?
Date Thu, 26 Jan 2012 23:59:06 GMT
----- Original Message -----

> From: Jerry Malcolm <2ndgenfilms@gmail.com>
> To: Tomcat Users List <users@tomcat.apache.org>
> Cc: 
> Sent: Thursday, January 26, 2012 2:58 PM
> Subject: Re: connection autoReconnect?
> 
>T hanks to all for the assistance.  I'll try adding those parameters.  But
> I'm always a bit nervous about possibly just band-aiding a problem that I
> don't really understand.
> 
> Regarding the defensive coding approach, this error often occurs on the sql
> query by the internal TC security authentication code that looks up ids and
> passwords for login.  I don't own that code.  I would think any required
> defensive code would be already present in base TC code, yet it's failing
> there as well.  Basically, if I could figure out how to defend against this
> in my code, there's still nothing I can do, coding-wise, to defend against
> it in a security auth call to sql, right?


How are you doing authentication?

Using a straight JDBCRealm for authentication and authorization really creates a lot of problems.

From the document at: http://tomcat.apache.org/tomcat-7.0-doc/config/realm.html



     The JDBC Realm uses a single db connection. This requires that realm
     based authentication be synchronized, i.e. only one authentication can
     be done at a time. This could be a bottleneck for applications with
     high volumes of realm based authentications.

Also if people don't authenticate for a time, then the database's idle timeout will disconnect
the database and no one will be able to log in.

What you need is a DataSourceRealm. This provides the capabilities of a database pool along
with the Realm interface for authentication and authorization.

The information on how to set this up is scattered across several documents. Fortunately,
there's a Wiki page available:

http://wiki.apache.org/tomcat/TomcatDataSourceRealms


It's based on Tomcat 6, so you should check the particulars against Tomcat 7 before blindly
copying configuration components.

. . . . just my two cents.
/mde/

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message