You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Erik Rumppe <er...@library.berkeley.edu> on 2008/08/27 21:25:20 UTC
Form Authentication Issues
Hello All,
After getting a response yesterday about BASIC authentication and being
told to switch to FORM based authentication, I've been trying to do this
for quite awhile and I can get FORM authentication to work sometimes on
test applications but I can never get it to work on a real application.
I get the login screen correctly but then everytime I try to log in I
get the Error page. HELP!!!! Here is my server.xml file:
<?xml version="1.0" encoding="UTF-8"?>
<Context docBase="/data/_b/TestSite" path="/TestSite">
Resource name="jdbc/lostAndFoundDB" auth="Container"
maxActive="100" maxIdle="30" maxWait="10000"
username="[left blank]" password="[left blank]"
driverClassName="com.mysql.jdbc.Driver"
url="jdbc:mysql://localhost:3306/lostAndFound?autoReconnect=true"
logAbandoned="true" removeAbandoned="true"
removeAbandonedTimeout="60" type="javax.sql.DataSource" />
<Realm className="org.apache.catalina.realm.JDBCRealm" debug="99"
driverName="com.mysql.jdbc.Driver"
connectionURL="jdbc:mysql://localhost:3306/lostAndFound?user=[left
blank]&password=[left blank]"
userTable="UserPass" userNameCol="Username" userCredCol="Password"
userRoleTable="UserRole" roleNameCol="Rolename" />
</Context>
Currently I am trying to use the JDBCRealm but I have also tried this
using the DataSourceRealm and get the exact same results. For
information purposes here is my web.xml file also:
<?xml version="1.0" encoding="ISO-8859-1"?>
<web-app id="WebApp_ID" version="2.4"
xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<display-name>Test Site</display-name>
<context-param>
<param-name>javax.servlet.jsp.jstl.fmt.localizationContext
</param-name>
<param-value>messages</param-value>
</context-param>
<servlet>
<servlet-name>vraptor2</servlet-name>
<servlet-class>org.vraptor.VRaptorServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>vraptor2</servlet-name>
<url-pattern>*.logic</url-pattern>
</servlet-mapping>
<!-- Define Velocity template compiler -->
<servlet>
<servlet-name>velocity</servlet-name>
<servlet-class>
org.apache.velocity.tools.view.servlet.VelocityViewServlet
</servlet-class>
</servlet>
<!-- Map *.vm files to Velocity -->
<servlet-mapping>
<servlet-name>velocity</servlet-name>
<url-pattern>*.vm</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>CookieUtil</servlet-name>
<servlet-class>logic.CookieUtil</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>CookieUtil</servlet-name>
<url-pattern>/cookieutil</url-pattern>
</servlet-mapping>
<!-- Database connection information for connection pooling
<res-ref-name>jdbc/testSite</res-ref-name>-->
<res-ref-name>jdbc/lostAndFoundDB</res-ref-name>
<security-role>
<description>Lost and Found Admin</description>
<role-name>lfadmin</role-name>
</security-role>
<security-role>
<description>Lost and Found Staff</description>
<role-name>lfstaff</role-name>
</security-role>
<security-role>
<description>Lost and Found User</description>
<role-name>lfuser</role-name>
</security-role>
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>lfuser</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/update.form.logic</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>lfstaff</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/itemupdate.insert.logic</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>lfstaff</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/insert.form.logic</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>lfstaff</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/admin.edit.logic</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>lfadmin</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/admin.editterms.logic</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>lfadmin</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/admin.manage.logic</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>lfadmin</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/admin.olditems.logic</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>lfadmin</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/admin/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>lfadmin</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.vm</form-login-page>
<form-error-page>/error.html</form-error-page>
</form-login-config>
</login-config>
<welcome-file-list>
<welcome-file>index.vm</welcome-file>
</welcome-file-list>
</web-app>
I do have the correct table names and columns in my lostAndFound
database and I am using the j_security_check with the j_username and
j_password in my login.vm file. I am using Tomcat6 with VRaptor and
Velocity frameworks. If anyone can help me I would love it! I'm
starting to lose my mind!!!! I've been trying to get this to work with
FORMs for over a month now.
Thanks,
Erik Rumppe
PA II
University of California, Berkeley - LSO
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Form Authentication Issues
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Erik,
Erik Rumppe wrote:
> I get the login screen correctly but then everytime I try to log in I
> get the Error page.
Do you get the login error page ("login failed"), or do you get a Tomcat
error page with a stack trace, etc.?
> HELP!!!! Here is my server.xml file:
>
> <?xml version="1.0" encoding="UTF-8"?>
> <Context docBase="/data/_b/TestSite" path="/TestSite">
You server.xml should not start with a <Context> element. Is this
context.xml by any chance?
It is not legal to use the "docBase" or "path" attributes in <Context>
in context.xml, so remove them. This probably isn't your problem, but it
will probably become a different problem later.
> Resource name="jdbc/lostAndFoundDB" auth="Container"
> maxActive="100" maxIdle="30" maxWait="10000"
> username="[left blank]" password="[left blank]"
> driverClassName="com.mysql.jdbc.Driver"
> url="jdbc:mysql://localhost:3306/lostAndFound?autoReconnect=true"
> logAbandoned="true" removeAbandoned="true"
> removeAbandonedTimeout="60" type="javax.sql.DataSource" />
This element doesn't start with a <. Was that just a copy-paste error?
Also, don't use "autoReconnect=true", regardless of the Tomcat guide.
That parameter has been deprecated from the Connector/J driver and
considered unsuitable for production use. Use validationQuery="SELECT 1"
in your <Resource> element instead.
> <Realm className="org.apache.catalina.realm.JDBCRealm"
Since you are defining a DataSource above, why not use DataSourceRealm?
That way, your logins use the same connection pool as your other
connections.
> debug="99"
> driverName="com.mysql.jdbc.Driver"
> connectionURL="jdbc:mysql://localhost:3306/lostAndFound?user=[left
> blank]&password=[left blank]"
> userTable="UserPass" userNameCol="Username" userCredCol="Password"
> userRoleTable="UserRole" roleNameCol="Rolename" />
> </Context>
>
> Currently I am trying to use the JDBCRealm but I have also tried this
> using the DataSourceRealm and get the exact same results.
You will also need to add this attribute to your <Realm> if you want to
use a DataSourceRealm:
localDataSource="true"
> <!-- Database connection information for connection pooling
> <res-ref-name>jdbc/testSite</res-ref-name>-->
> <res-ref-name>jdbc/lostAndFoundDB</res-ref-name>
This configuration is incorrect. <res-ref-name> is only legal within a
<resource-ref> element. Check the DTD or Schema and correct this. I have
found that Tomcat does not need <resource-ref> elements for DataSources
that have been defined in a webapp's context.xml file. Note that you
never "testSite" anywhere.
Check all that stuff I found and see if your problem still exists. I
suspect that the missing < is the most likely problem.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAki5d6gACgkQ9CaO5/Lv0PDisgCfSXm6xCQqyIQld0eL+8E5s+HA
Ce4An36Q2pggr91Q4nF3dpvwlRTdytGs
=pcPG
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org