Return-Path: 
 <users-return-252315-apmail-tomcat-users-archive=tomcat.apache.org@tomcat.apache.org>
X-Original-To: apmail-tomcat-users-archive@www.apache.org
Delivered-To: apmail-tomcat-users-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 3192317278
	for <apmail-tomcat-users-archive@www.apache.org>;
 Thu, 12 Mar 2015 15:51:37 +0000 (UTC)
Received: (qmail 96161 invoked by uid 500); 12 Mar 2015 15:51:33 -0000
Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org
Received: (qmail 96094 invoked by uid 500); 12 Mar 2015 15:51:32 -0000
Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:users-help@tomcat.apache.org>
List-Unsubscribe: <mailto:users-unsubscribe@tomcat.apache.org>
List-Post: <mailto:users@tomcat.apache.org>
List-Id: <users.tomcat.apache.org>
Reply-To: "Tomcat Users List" <users@tomcat.apache.org>
Delivered-To: mailing list users@tomcat.apache.org
Received: (qmail 96083 invoked by uid 99); 12 Mar 2015 15:51:32 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 12 Mar 2015 15:51:32 +0000
X-ASF-Spam-Status: No, hits=1.7 required=5.0
	tests=FREEMAIL_ENVFROM_END_DIGIT,HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (nike.apache.org: domain of rop049@gmail.com designates
 209.85.220.44 as permitted sender)
Received: from [209.85.220.44] (HELO mail-pa0-f44.google.com) (209.85.220.44)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 12 Mar 2015 15:51:07 +0000
Received: by pabli10 with SMTP id li10so21587592pab.2
        for <users@tomcat.apache.org>; Thu, 12 Mar 2015 08:51:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :content-type;
        bh=29i6LiA9UNIx0btwe6QJsmbEO7541pf7xmFqRVGTdLU=;
        b=AJFH+ggttS5aQdjIElBbo/mjcyV4LecAtqVk53UcULoAuYqmQ4yNsbuQe1f44OCgAl
         hNNAW2JJYWh5dRD4bLeC9X5YB5nsDiphhpCSLGsp8ol4c6Px0EYP9qHl9l6AFTM4Vr1j
         9mz4UYBN/srKvmfIi3qWe3LuSTxhZG2e6UamM+BTSUUNZAtA8fklRmdfHVaMASJmhBWj
         841pRxju/klTjU7MiOonOD7Y/O93mzxp4tQTnEBw41xRvnacBhhnykCF4itNIbOP88Xn
         B80bzNf+MMMbw4ixjahNXtSOXH1PWghwJ/SIFvbbl/nfryxJwOGL5gQua7pw7NjT3ki4
         ID1A==
MIME-Version: 1.0
X-Received: by 10.70.126.167 with SMTP id mz7mr91139849pdb.109.1426175465490;
 Thu, 12 Mar 2015 08:51:05 -0700 (PDT)
Received: by 10.70.43.40 with HTTP; Thu, 12 Mar 2015 08:51:05 -0700 (PDT)
In-Reply-To: <5501A4AC.4080400@verizon.net>
References: 
 <CAGmJ4QCjH+dGiLGVg24qmSRPqk9NtjwVBq3K+EgpoNz+3yAdGQ@mail.gmail.com>
	<55004293.5060500@christopherschultz.net>
	<CAGmJ4QArbXL2zy7yD6h02pxj8dvwk+0V6s714hOGhVqEbjL+gQ@mail.gmail.com>
	<5501A4AC.4080400@verizon.net>
Date: Thu, 12 Mar 2015 16:51:05 +0100
Message-ID: 
 <CAGmJ4QB-E4p8yoMoOZ_Z5r3ojQvAEhwkeeOgEs0t28jruVocRw@mail.gmail.com>
Subject: Re: Form-based authentication breaks after upgrade to Tom 7.0.59
From: rop <rop049@gmail.com>
To: Tomcat Users List <users@tomcat.apache.org>
Content-Type: multipart/alternative; boundary=001a11c309d6020f980511195a20
X-Virus-Checked: Checked by ClamAV on apache.org

--001a11c309d6020f980511195a20
Content-Type: text/plain; charset=UTF-8

Ah, I got it now.
Thanks, David.

Yes, the a-b-c-d points are OK then.

As a trouble-shoot action, I actually did an install-and-test "binary
search"
among the intermediate tomcat-versions to pinpoint exactly which version
breaks our app.

Turns out, up to 7.0.47 it still works OK.
(7.0.48 and 7.0.49 do not exist in the tomcat archive)
And from 7.0.50 it breaks.

So apparently, between 47 and 50 some change occurred that breaks our
login....


On Thu, Mar 12, 2015 at 3:37 PM, David kerber <dckerber@verizon.net> wrote:

> On 3/12/2015 10:16 AM, rop wrote:
>
>> Hi Chris,
>>
>> Thanks for your input.
>>
>> Re your points a+b:
>>    "You have put your <Realm> into conf/context.xml instead of into your
>> web
>> application's META-INF/context.xml"
>>
>> Actually neither ---- we define the <Realm> in
>> $CATALINA_BASE/conf/server.xml
>> That's also what I see in the Tomcat-docs:
>>     http://tomcat.apache.org/tomcat-7.0-doc/realm-howto.
>> html#DataSourceRealm
>>
>
> That is his option (a) in his list.  Did you check that?
>
>
>
>
>> And I see no mention of META-INF anywhere in there.
>>
>> Can you please elaborate what you're referring to?
>>
>>
>>
>>
>> On Wed, Mar 11, 2015 at 2:26 PM, Christopher Schultz <
>> chris@christopherschultz.net> wrote:
>>
>>  -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA256
>>>
>>> Rop,
>>>
>>> On 3/10/15 2:57 PM, rop wrote:
>>>
>>>> We are trying to upgrade Tomcat from 7.0.35 to 7.0.59.
>>>>
>>>> For some reason, the form-based authentication gets broken after
>>>> the upgrade, and just gives "Invalid username and/or password,
>>>> please try again" when trying to login.
>>>>
>>>> Cannot find anything in catalina.out related to this.
>>>>
>>>
>>> What about the other log files in logs/? Nothing?
>>>
>>> :(
>>>
>>>   From our logging, it appears the DataSourceRealm.authenticate()
>>>> never gets called at all.
>>>>
>>>
>>> What is your <Realm> configuration, and in what file is it configured?
>>>
>>>  If I downgrade to 7.0.35, it works again...
>>>>
>>>> Anyone has a clue if anything changed between these versions, what
>>>> the problem might be, or even how to troubleshoot the issue?
>>>>
>>>
>>> Some initial thoughts for what could be wrong:
>>>
>>> a. You have put your <Realm> into conf/server.xml instead of into
>>>     your web application's META-INF/context.xml file, and you forgot
>>>     to copy that configuration from 7.0.35 to your new 7.0.59
>>>     install.
>>>
>>> b. You have put your <Realm> into conf/context.xml instead of into
>>>     your web application's META-INF/context.xml file, and you should
>>>     not have done that at all; move the <Realm> into META-INF/context.xml
>>>
>>> c. The configuration you are modifying isn't the one that Tomcat is
>>>     actually using. I find that this happens a lot to people who are
>>>     launching Tomcat from within an IDE like Eclipse, because the IDE
>>>     does odd things with configuration management.
>>>
>>> d. You installed your JDBC driver into Tomcat 7.0.35's lib/ directory
>>>     and didn't copy it into Tomcat 7.0.59's lib/ directory, though this
>>>     should have given you errors on startup.
>>>
>>> Take a look at those possibilities and let us know what you find.
>>>
>>> - -chris
>>> -----BEGIN PGP SIGNATURE-----
>>> Version: GnuPG v1
>>> Comment: GPGTools - http://gpgtools.org
>>>
>>> iQIcBAEBCAAGBQJVAEKTAAoJEBzwKT+lPKRYyHMP/RbZX8neYPrCCGh0lTOQ7PRG
>>> MOXkxFSbQRGsWwV2tyH//Q41IKfSy1Tlb01zbxNklb7gy3h+j+8JgFoYLOjg/iVz
>>> f6XSfw4tUbpTMK/1kqIvpTIMbgi9aK18O+5aLlTdrvAguDZsODgylTi4MTTVZUPZ
>>> v1c+iQbvO8bC7YG81bBm+76rD9pyrMVFbvCPKijfZHTXk5CivaNDwtpysTgDyE65
>>> aG4cHumGSf6JjxSG4cw84OteY6CAYfcNBVDe0/y+F3WKjB6BQ8eHWHEYR57pK+L8
>>> sbxyp6gg5k5Fbrrk/EgEx30CL+rQQfsUkCwKfzlcn3J0fsaE043vnKcNmHA8c6QB
>>> DgC29Bj/o7WkW+hdB7UqB6d0Hq/x+lMZ1JDedEFQFm0IqIxyE3pI6PAX4BHQiWqG
>>> 04QB1kRJ32RhYX3+/6Le16FKVxwp2tjuv+xby6gsIGzEY817nIkmRi9SmdR8pGCx
>>> xaxY4uRCNsRrt3fj/nkpygg/ZABueMt+2ix0Nqpe8Wi5T6O8sTRW3jUqj8ZY78+G
>>> rbJZGBEbUuXe5s5o+ZsIfSjKY1U4NTtQhDd+ti8RpkDGy/pcSj2CNyPJ9NLS4E/u
>>> Lb1JdV2nANX4s5r7vWVP1Satzk4DGSx2e93ddy5wDk14vp09d1Fezaq5H8FXUxnc
>>> mzjWDKZT3BY6OqVoN2yj
>>> =b0eg
>>> -----END PGP SIGNATURE-----
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>
>>>
>>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>

--001a11c309d6020f980511195a20--