Win a copy of Five Lines of Code this week in the OO, Patterns, UML and Refactoring forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Bear Bibeault
  • Ron McLeod
  • Jeanne Boyarsky
  • Paul Clapham
Sheriffs:
  • Tim Cooke
  • Liutauras Vilda
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • fred rosenberger
  • salvin francis
Bartenders:
  • Piet Souris
  • Frits Walraven
  • Carey Brown

Tomcat authentication problem

 
Greenhorn
Posts: 11
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello everybody!

I'm using tomcat 7.0 for my jsf2.0 project. I need a BASIC JDBCRealm authentication with 3 different roles (sounds easy)... but somehow I can't get logged in no matter what I try.

I have a MySQL 5.5 DB set up and running and put the connector jar in the tomcats lib folder.

Furthermore there are two tables in my DB containing the users and their roles as described in the tomcat quick start guide.

Thats what I added to my server.xml:


Thats what I added to my web.xml:


When I try to access a page in the /admin folder the login pops up. I enter user: admin pwd: 123 as I got it in my table and nothing happens. I can enter it two more times until a 401 Error Page shows up.

If I enter a false password on the first try I get the following console message on the other tries:
10.07.2011 20:51:43 org.apache.catalina.realm.LockOutRealm authenticate
WARNING: An attempt was made to authenticate the locked user "admin"


Thanks in advance
 
Saloon Keeper
Posts: 22265
151
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Take another look at your server.xml file. It appears that there's more than one Realm defined, and the JDBCRealm you specified isn't the one being used - it's using a LockOutRealm.

If you don't find the LockOutRealm definition in server.xml, look for an overriding deployment descriptor (context xml) file in TOMCAT_HOME/conf/Catalina/localhost. Also check the WAR for a META-INF/context.xml file.
 
Stefan Ramirez
Greenhorn
Posts: 11
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Tim Holloway wrote:Take another look at your server.xml file. It appears that there's more than one Realm defined, and the JDBCRealm you specified isn't the one being used - it's using a LockOutRealm.

If you don't find the LockOutRealm definition in server.xml, look for an overriding deployment descriptor (context xml) file in TOMCAT_HOME/conf/Catalina/localhost. Also check the WAR for a META-INF/context.xml file.



Hey Tim!

Thanks for your time... unfortunately, even after deleting all other realms from the server.xml the problem persists and the LockOutRealm still seems to be active. I'm deploying my project via eclipse helios ... could this be part of the problem? The mentioned folder TOMCAT_HOME/conf/Catalina/localhost is empty and in my projects META-INF folder there's only the manifest.
 
Tim Holloway
Saloon Keeper
Posts: 22265
151
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
One of the things that I loathe about WTP is that it mucks around with the Tomcat server configuration. Your original server.xml doesn't count; WTP cloned it and the clone copy probably still has the LockOutRealm in it, since that's not a Realm that's active by default. Your problem will probably magically go away if you run Tomcat stand-alone or under a less obnoxious Eclipse J2EE module like the sysdeo one.

Of course, you can also regenerate the server config using WTP if you prefer to do so, but I can't help much on that. As you may have inferred, I don't have in-depth expertise on WTP, and it's largely due to all the "magic" it does to Tomcat. And the fact that the "magic" can't extend itself to the kinds of extended environments I often run in.
 
Stefan Ramirez
Greenhorn
Posts: 11
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Tim Holloway wrote:One of the things that I loathe about WTP is that it mucks around with the Tomcat server configuration. Your original server.xml doesn't count; WTP cloned it and the clone copy probably still has the LockOutRealm in it, since that's not a Realm that's active by default. Your problem will probably magically go away if you run Tomcat stand-alone or under a less obnoxious Eclipse J2EE module like the sysdeo one.



Thats what it did ;-/

Thanks again! Much appreciated.
 
Beware the other head of science - it bites! Nibble on this message:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop
https://coderanch.com/wiki/718759/books/Building-World-Backyard-Paul-Wheaton
    Bookmark Topic Watch Topic
  • New Topic