I have a working web app deployed on
Tomcat 7 and it's already using successfully connection pooling from a configured datasource. Trouble is when i enforce authentication i simply can't login. I keep being forwarded to the login-error.html. Nothing being dumped to the logs. Please help! Below are the details:
1.
web.xml
<security-role>
<role-name>cashier</role-name>
</security-role>
<security-role>
<role-name>supervisor</role-name>
</security-role>
<security-role>
<role-name>administrator</role-name>
</security-role>
<security-constraint>
<web-resource-collection>
<web-resource-name>Secure Zone</web-resource-name>
<url-pattern>/reports/*</url-pattern>
<url-pattern>/register/*</url-pattern>
<url-pattern>/index.html</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>administrator</role-name>
<role-name>supervisor</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Secure Zone</web-resource-name>
<url-pattern>/index/*</url-pattern>
<url-pattern>/register/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>cashier</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>Secure Zone</realm-name>
<form-login-config>
<form-login-page>/login.html</form-login-page>
<form-error-page>/login-error.html</form-error-page>
</form-login-config>
</login-config>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
2.
context.xml
<Resource name="jdbc/myDS"
auth="Container"
type="javax.sql.DataSource"
maxActive="100"
maxIdle="30"
maxWait="10000"
username="use"
password="pass"
driverClassName="com.mysql.jdbc.Driver"
url="jdbc:mysql://IPAddress:3306/homeDB?autoReconnect=true"
removeAbandonedTimeout="60" />
3.
server.xml
<Realm className="org.apache.catalina.realm.DataSourceRealm" debug="99"
dataSourceName="jdbc/myDS"
userTable="userT" userNameCol="username" userCredCol="password"
userRoleTable="userRT" roleNameCol="rolename" />
4.
Authentication & Authorization Tables
CREATE TABLE IF NOT EXISTS userT (
username VARCHAR(20) NOT NULL PRIMARY KEY
,password VARCHAR(20) NOT NULL
);
CREATE TABLE IF NOT EXISTS userRT (
username VARCHAR(20) NOT NULL
,rolename VARCHAR(20) NOT NULL
,PRIMARY KEY (username, rolename)
);
INSERT userT VALUES ('user1', 'user1');
INSERT userRT VALUES ('user1','administrator');
When enter 'user1' for username and 'user1' for password, i keep being sent to the error page.
Here is the login page:
5.
Login Page
<table class="login" width="400pt" height="290pt">
<form action="j_security_check" method="post">
<tr>
<th>Enter Username:</th>
<td><input type="text" name="j_username"/></td>
</tr>
<tr>
<th>Enter Password:</th>
<td><input type="password" name="j_password"/></td>
</tr>
<tr>
<td/>
<td><b><input type="submit" value="Submit"/></b></td>
</tr>
</form>
</table>