tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Cédric Couralet <cedric.coura...@gmail.com>
Subject Re: Question regarding JNDIRealm - tomcat 6.0.35
Date Wed, 20 Feb 2013 12:05:26 GMT
2013/2/20 Tanmoy Chatterjee <Tanmoy.Chatterjee@nxp.com>:
> Hello Cédric,
> The reason I want to do is as follows:
> I am facing the problem already expressed in https://issues.apache.org/bugzilla/show_bug.cgi?id=33774
> I see that the bug status shows as Fixed, however I still get the same Issue on the Stack
mentioned earlier.
>
> Hence what I have done is that I have already extended the JNDIRealm class (CustomJNDIRealm)
to disconnect as soon as authentication is successful. (ref: http://stackoverflow.com/questions/10911897/tomcat-7-0-14-ldap-authentication)
>
> public class CustomJNDIRealm extends JNDIRealm {
>   @Override
>   public Principal authenticate(String username, String credentials) {
>   Principal principal = super.authenticate(username, credentials);
>
>     if (context != null) {
>       close(context);
>     }
>     return principal;
>   }
> }
>
> Have tested this and I see it to be working great except a small problem.
> After tomcat starts successfully and remains idle i.e let's say there is no user who
logs in (gets authenticated) for 5-10 mins...I face the same issue as mentioned in the above
bug. This is because the initial connection to the LDAP exists and the above overridden authenticate
() doesn't get called. Hence I want to prevent the initial connection started by tomcat to
LDAP as well.
> I am looking for some good way of doing this only on tomcat start-up and not all other
the times.
> What I am not able to understand is why Tomcat doesn't allow configurable parameters
to either select / deselect the Realm connections on startup.



So you don't mind the initial connection but want to close it as soon
as possible. Then what about writing a custom start method in your
CustomJNDIRealm based on your overriding of the authenticate method :


@Override
    public void start() throws LifecycleException {
        super.start();
          if (context != null) {
              close(context);
            }

    }


To come back to the root of the problem. In tomcat6, there is a chance
an exception is thrown with JNDIRealm when no user has tried to log in
in a certain time.

That exception is logged at a WARNING level and I tend to ignore them
because tomcat retries anyway. I don't think you should do anything
just to avoid those.

Hope this helps,
Cédric

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message