You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Robert Jacobson <b8...@sneakemail.com> on 2008/04/21 18:33:57 UTC
first authentication attempt fails - mysql timeout
Hi,
I have an existing Tomcat configuration that is working well. However,
it is running version 4.1.31. We are updating the platform, so I
thought I'd take the opportunity to update Tomcat. Unfortunately (??) I
must stick with the Tomcat 4.1 release.
I have a test machine on which I have installed 4.1.37. I only had one
issue with the upgrade -- the authentication was not working quite as
well as it was before. While it worked, I had one issue -- when the
mysql connection would timeout (after 8 hours by default), the
authentication would stop working completely. With tomcat 4.1.31, there
would be an exception w/ stack trace, but it would reconnect and work
right away.
I was authenticating using a mysql database through the JDBCRealm. I
found some posts in the archives (
http://www.mail-archive.com/tomcat-user@jakarta.apache.org/msg149130.html)
indicating that switching from the JDBCRealm to DataSourceRealm would
resolve the issue, so I have done so. In the process I also added the
autoReconnect parameter to the connection URL (i.e.
jdbc:mysql://localhost:3325/authority?autoReconnect=true )
I suppose I should note that my configuration is now essentially
straight out of the JNDI datasource HOWTO. I of course changed the
username & password, the port number, and the database name.
I have authentication working with the new configuration. However,
after a mysql connection timeout, the first attempt to authenticate
always fails. The second attempt is successful.
Is there a way to fix this problem?
Thanks for your time.
--
Rob
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: first authentication attempt fails - mysql timeout
Posted by David Smith <dn...@cornell.edu>.
The DatasourceRealm will work. Drop the autoReconnect parameter from
the database url though as it's not recommended by the MySQL folks.
Instead, add a validationQuery to your ResourceParams so database
connections are tested briefly before they are borrowed from the pool.
The query can be as simple as 'select 1'. Also if the Resource you are
trying to use with the Datasource realm is not a global resource, you'll
probably need to add localDataSource="true" to the <Realm ... /> definition.
See the docs at
http://tomcat.apache.org/tomcat-4.1-doc/realm-howto.html#DataSourceRealm
and
http://tomcat.apache.org/tomcat-4.1-doc/jndi-datasource-examples-howto.html
Info regarding autoReconnect can be found at
http://dev.mysql.com/doc/refman/5.0/en/connector-j-reference-configuration-properties.html
(version 5.0 -- you didn't specify mysql version)
-David
Robert Jacobson wrote:
>
> Hi,
>
> I have an existing Tomcat configuration that is working well.
> However, it is running version 4.1.31. We are updating the platform,
> so I thought I'd take the opportunity to update Tomcat. Unfortunately
> (??) I must stick with the Tomcat 4.1 release.
>
> I have a test machine on which I have installed 4.1.37. I only had
> one issue with the upgrade -- the authentication was not working quite
> as well as it was before. While it worked, I had one issue -- when
> the mysql connection would timeout (after 8 hours by default), the
> authentication would stop working completely. With tomcat 4.1.31,
> there would be an exception w/ stack trace, but it would reconnect and
> work right away.
>
> I was authenticating using a mysql database through the JDBCRealm. I
> found some posts in the archives (
> http://www.mail-archive.com/tomcat-user@jakarta.apache.org/msg149130.html)
> indicating that switching from the JDBCRealm to DataSourceRealm would
> resolve the issue, so I have done so. In the process I also added the
> autoReconnect parameter to the connection URL (i.e.
> jdbc:mysql://localhost:3325/authority?autoReconnect=true )
>
> I suppose I should note that my configuration is now essentially
> straight out of the JNDI datasource HOWTO. I of course changed the
> username & password, the port number, and the database name.
>
> I have authentication working with the new configuration. However,
> after a mysql connection timeout, the first attempt to authenticate
> always fails. The second attempt is successful.
>
> Is there a way to fix this problem?
>
> Thanks for your time.
>
--
David Smith
Network Operations Supervisor
Department of Entomology
Cornell University
2132 Comstock Hall
Ithaca, NY 14853
Phone: (607) 255-9571
Fax: (607) 255-0940
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: first authentication attempt fails - mysql timeout
Posted by Robert Jacobson <b8...@sneakemail.com>.
Christopher Schultz wrote:
> Yes, using DataSourceRealm is the preferred configuration.
Thank you for confirming that :)
> [...] By the way, there's no reason not
> to upgrade to the most recent Connector/J, either.
Sorry.. are you referring to the mysql-connector JAR file? In my
troubleshooting process I upgraded that to 5.1.6 (i.e.
mysql-connector-java-5.1.6-bin.jar). Obviously it didn't fix things,
but it didn't seem to hurt either :)
> Yes. You should use the validationQuery attribute on your <Resource>
> element.
Thanks. After searching Google to find an example (I'm lazy, shoot me!
:-D ), I added this to my server.xml file. I also removed the
autoReconnect parameter from the connection URL. This does appear to
have resolved the issue!
Thanks to you, and to David Smith, for your thoughtful and clear responses!
--
Rob
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: first authentication attempt fails - mysql timeout
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Robert,
Robert Jacobson wrote:
| I was authenticating using a mysql database through the JDBCRealm. I
| found some posts in the archives (
|
http://www.mail-archive.com/tomcat-user@jakarta.apache.org/msg149130.html)
| indicating that switching from the JDBCRealm to DataSourceRealm would
| resolve the issue, so I have done so.
Yes, using DataSourceRealm is the preferred configuration.
| In the process I also added the
| autoReconnect parameter to the connection URL (i.e.
| jdbc:mysql://localhost:3325/authority?autoReconnect=true )
You should remove this parameter. It has been deprecated in favor of
other strategies (see below) for years and years, now (it even says so
in the documentation for Connector/J). By the way, there's no reason not
to upgrade to the most recent Connector/J, either. I don't believe there
are any JDK or Tomcat issues -- although some things have changed such
as the object types returned by ResultSet.getObject() for certain column
data types and the return value (null versus Exception thrown) for
all-zero values in DATE, DATETIME, and TIMESTAMP column data types.
| I have authentication working with the new configuration. However,
| after a mysql connection timeout, the first attempt to authenticate
| always fails. The second attempt is successful.
|
| Is there a way to fix this problem?
Yes. You should use the validationQuery attribute on your <Resource>
element. Set it to something that should always succeed. Most MySQL
users use "SELECT 1" as the simplest possible query. Setting this
attribute to "SELECT 1" will cause the connection pool to test the
connection before handing it over to the Realm for authentication. If
the connection is stale, another connection will be chosen (and so on,
until a non-stale connection is found). Stale connections will be closed
and new ones opened in their places. This is /much/ preferred to using
autoReconnect=true, which always results in the behavior you are
experiencing.
Hope that helps,
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkgMyOAACgkQ9CaO5/Lv0PCRSACfRRlVNk83wOA9iWwz8e24UKU1
RDoAn13KrgCfseodnnRmNQZJeVclNEUA
=S6gp
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org