tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "J. Brian Hall" <jbrianhall...@me.com>
Subject RE: Configuring Combined Realm
Date Mon, 28 Oct 2013 12:38:55 GMT
Folks, please ignore my question.  I found the problem.  Basically, I had
the same username / password combination in both databases used under
CombinedRealm, (which would be fine) but the associated "role_name" was
different and that's what caused the problem.  In any event, all is working.
Sorry for the fuss.

 

From: J. Brian Hall [mailto:jbrianhallphd@me.com] 
Sent: Monday, October 28, 2013 7:46 AM
To: 'users@tomcat.apache.org'
Subject: Configuring Combined Realm

 

How can I configure CombinedRealm in order to: (1) use JDBCRealm for my
webapp with form-based authentication while (2) also using the default
UserDatabaseRealm for the Tomcat Web Application Manager?  I can get one or
the other to work, but not both.  Here are the details of my setup:

 

-OS: Windows 7

-Server: Tomcat 7.0.42

-Database: MySQL 5.6

 

Articles I have used up to this point:

1.       Form-based authentication with Tomcat 7 and MySQL:
http://www.thejavageek.com/2013/07/07/configure-jdbcrealm-jaas-for-mysql-and
-tomcat-7-with-form-based-authentication/

2.       Configuring CombinedRealm:
http://tomcat.apache.org/tomcat-7.0-doc/realm-howto.html#CombinedRealm 

3.       Lastly, note that my database, tables, and Connector/J are setup
per instructions above and I am able to login to my webapp with form-based
authentication when only using JDBCRealm, but I then can't login to the
Tomcat Web Application Manager.

 

I configured the file CATALINA_HOME/config/server.xml in two ways:

 

1.       I've identified the following global resources:

 

<!--Resource for Tomcat Web App Manager-->

<Resource name="UserDatabase"

auth="Container"

type="org.apache.catalina.UserDatabase"

description="User database that can be updated and saved"

factory="org.apache.catalina.users.MemoryUserDatabaseFactory"

pathname="conf/tomcat-users.xml" />

 

<!--Resource for my webapp-->

<Resource name="jdbc/authority"

auth="Container"

type="javax.sql.DataSource"

driverClassName="com.mysql.jdbc.Driver"

description="mySQL Database"

url="jdbc:mysql://localhost:3306/authority"

maxActive="15"

maxidle="3"/>  

 

2.       I've nested Realms within CombinedRealm as follows:

 

<Realm className="org.apache.catalina.realm.CombinedRealm" >

 

<!-- LockOutRealm to prevent brute-force attack. -->

                <Realm className="org.apache.catalina.realm.LockOutRealm"
failureCount="3" lockoutTime="3600"/>

 

                <!-- Default Realm for Tomcat Application Manager -->

                <Realm
className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>

 

                <!-- JDBC Realm for my webapp. -->

                <Realm className="org.apache.catalina.realm.JDBCRealm"

                                driverName="com.mysql.jdbc.Driver"

 
connectionURL="jdbc:mysql://localhost:3306/authority"

                                connectionName="root"

                                connectionPassword="root"

                                userTable="users"

                                userNameCol="user_name"

                                userCredCol="user_pass"

                                userRoleTable="user_roles"

                                roleNameCol="role_name"/>

</Realm>

 

Lastly, I configured my CATALINA_HOME/webapps/[mywebapp]/WEB-INF/web.xml
file as follows:

 

<?xml version="1.0" encoding="ISO-8859-1"?>

<web-app 

                version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" 

                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

                xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd
<http://java.sun.com/xml/ns/j2ee%20http:/java.sun.com/xml/ns/j2ee/web-app_2_
4.xsd> ">

 

<display-name>webapp</display-name>

<description>Form-Based Authentication with mySQL</description>

 

<resource-ref>

                <description>mySQL Database</description>

                <res-ref-name>jdbc/authority</res-ref-name>

                <res-type>javax.sql.DataSource</res-type>

                <res-auth>Container</res-auth>

</resource-ref>

 

<security-constraint>

                <web-resource-collection>

                <web-resource-name>Protected</web-resource-name>

                                <url-pattern>/*</url-pattern>

                                <http-method>PUT</http-method>

                                <http-method>GET</http-method>

                                <http-method>POST</http-method>

                </web-resource-collection>

    <auth-constraint>

                <role-name>webappuser</role-name>

                </auth-constraint>

                <user-data-constraint>

 
<transport-guarantee>NONE</transport-guarantee>

                </user-data-constraint>

</security-constraint>

 

<login-config>

                <auth-method>FORM</auth-method>

                <form-login-config>

                <form-login-page>/login.jsp</form-login-page>

                <form-error-page>/error.jsp</form-error-page>

        </form-login-config>

</login-config>

                                

</web-app>

 


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message