You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Jonathan Rosenberg <jr...@tabbysplace.org> on 2012/02/08 18:41:25 UTC
Why am I Getting org.apache.catalina.realm.JDBCRealm getPassword
SEVERE: Exception performing authentication?
Vital statistics:
Apache Tomcat/7.0.22 1.6.0_22-b04 Sun Microsystems Inc. Linux
1) Using org.apache.catalina.realm.UserDatabaseRealm for
authentication to Manager app. No pooling.
2) Running a Grails app that is using CAS authentication on remote
server. Using dbcp pooling.
3) App & Tomcat auth use different DBs App's DB is remote, Tomcat is
using local DB server.
4) App is in testing & lightly used during the day. Works fine.
5) App sits idle over night.
If I access my app first thing in the morning, I get the following
Feb 8, 2012 9:09:58 AM org.apache.catalina.realm.JDBCRealm getPassword
SEVERE: Exception performing authentication
com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionException:
No operations allowed after connection closed.Connection was
implicitly closed by the driver.
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
. . . .
To me this looks like a DB timeout issue to be solved by pooling. But
here's where I'm confused:
1) I'm trying to authenticate via CAS. Tomcat authentication should
not be an issue. Why is Tomcat trying to authenticate?
2) After this exception, my app gets repeated connection failures
complaining about closed DB connections. But I am using dbcp pooling,
which I;ve done many times without problems. I feel as is this is
related to the Tomcat auth failure.
3) I have to reload the app to make things start working.
I've spent a few days on this, but just made the (theorized)
connection between Tomcat auth failure & my app's failures.
I'm gonna start digging into this theory but was hoping for some ideas
& pointers.
TIA,
--
Jonathan Rosenberg
Founder & Executive Director
Tabby's Place, a Cat Sanctuary
http://www.tabbysplace.org/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Why am I Getting org.apache.catalina.realm.JDBCRealm getPassword
SEVERE: Exception performing authentication?
Posted by Jonathan Rosenberg <jr...@tabbysplace.org>.
After many sessions of logging, testing, etc. I have convinced that I
have been looking at tow unrelated issues:
1) Tomcat's auth was failing due to closed DB connections. But this is
actually not a problem & was unrelated to the problem I was trying to
track down.
2) My app's DB pool is not set up correctly. I need to figure out how/why now.
It was coincidental timing in the the logs that was leading me to
believe the two were related.
Thanks to all of you who offered suggestions. I belong to many tech
forums, but this is the easiest one on which to get good help.
Actually, makes me wish I had more problems with Tomcat than my other
systems :-)
--
Jonathan Rosenberg
Founder & Executive Director
Tabby's Place, a Cat Sanctuary
http://www.tabbysplace.org/
On Thu, Feb 9, 2012 at 4:46 AM, Pid <pi...@pidster.com> wrote:
> On 09/02/2012 00:19, Jonathan Rosenberg wrote:
>> Thanks to all who are trying to help. See info below.
>
>
>> Here it is:
>
> What about the appname/WEB-INF/web.xml?
>
>
> p
>
>
> --
>
> [key:62590808]
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Why am I Getting org.apache.catalina.realm.JDBCRealm getPassword
SEVERE: Exception performing authentication?
Posted by Pid <pi...@pidster.com>.
On 09/02/2012 00:19, Jonathan Rosenberg wrote:
> Thanks to all who are trying to help. See info below.
> Here it is:
What about the appname/WEB-INF/web.xml?
p
--
[key:62590808]
Re: Why am I Getting org.apache.catalina.realm.JDBCRealm getPassword
SEVERE: Exception performing authentication?
Posted by Jonathan Rosenberg <jr...@tabbysplace.org>.
Thanks to all who are trying to help. See info below.
On Wed, Feb 8, 2012 at 6:10 PM, Caldarale, Charles R
<Ch...@unisys.com> wrote:
>> From: shmoldie@gmail.com [mailto:shmoldie@gmail.com]
>> On Behalf Of Jonathan Rosenberg
>> Subject: Re: Why am I Getting org.apache.catalina.realm.JDBCRealm
>> getPassword SEVERE: Exception performing authentication?
>
>> there is no effective web.xml output in any of the log files.
>
> So what are your logging levels set to? The logEffectiveWebXml tag should be logging at INFO, so you're going to need at least that set in your conf/logging.properties file, assuming you haven't switched to log4j.
I see lots of INFO output in catalina.out. I use the standard Tomcat
logging, but I don't know what to set or look for in
logging.properties.
> Might want to post your conf/context.xml for us, just to see if there might be a typo in it.
> - Chuck
Here it is:
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<!-- The contents of this file will be loaded for each web application -->
<Context logEffectiveWebXml="true">
<!-- Default set of monitored resources -->
<WatchedResource>WEB-INF/web.xml</WatchedResource>
<!-- Uncomment this to disable session persistence across Tomcat
restarts -->
<!--
<Manager pathname="" />
-->
<!-- Uncomment this to enable Comet connection tacking (provides events
on session expiration as well as webapp lifecycle) -->
<!--
<Valve className="org.apache.catalina.valves.CometConnectionManagerValve" />
-->
</Context>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Why am I Getting org.apache.catalina.realm.JDBCRealm
getPassword SEVERE: Exception performing authentication?
Posted by "Caldarale, Charles R" <Ch...@unisys.com>.
> From: shmoldie@gmail.com [mailto:shmoldie@gmail.com]
> On Behalf Of Jonathan Rosenberg
> Subject: Re: Why am I Getting org.apache.catalina.realm.JDBCRealm
> getPassword SEVERE: Exception performing authentication?
> there is no effective web.xml output in any of the log files.
So what are your logging levels set to? The logEffectiveWebXml tag should be logging at INFO, so you're going to need at least that set in your conf/logging.properties file, assuming you haven't switched to log4j.
Might want to post your conf/context.xml for us, just to see if there might be a typo in it.
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Why am I Getting org.apache.catalina.realm.JDBCRealm getPassword
SEVERE: Exception performing authentication?
Posted by Jonathan Rosenberg <jr...@tabbysplace.org>.
On Wed, Feb 8, 2012 at 5:05 PM, Caldarale, Charles R
<Ch...@unisys.com> wrote:
>> From: shmoldie@gmail.com [mailto:shmoldie@gmail.com]
>> On Behalf Of Jonathan Rosenberg
>> Subject: Re: Why am I Getting org.apache.catalina.realm.JDBCRealm
>> getPassword SEVERE: Exception performing authentication?
>
>> From reading the docs, I expected to see something in catalina.out.
>
> It certainly won't show up in catalina.out - that's only for catching output from sloppy webapps too lazy to use a real logger. Look in the other log files.
>
> - Chuck
Well, there is no effective web.xml output in any of the log files. I
checked every log file that been modified sometime today.
Nada.
What could be going on?
--
Jonathan Rosenberg
Founder & Executive Director
Tabby's Place, a Cat Sanctuary
http://www.tabbysplace.org/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Why am I Getting org.apache.catalina.realm.JDBCRealm
getPassword SEVERE: Exception performing authentication?
Posted by "Caldarale, Charles R" <Ch...@unisys.com>.
> From: shmoldie@gmail.com [mailto:shmoldie@gmail.com]
> On Behalf Of Jonathan Rosenberg
> Subject: Re: Why am I Getting org.apache.catalina.realm.JDBCRealm
> getPassword SEVERE: Exception performing authentication?
> From reading the docs, I expected to see something in catalina.out.
It certainly won't show up in catalina.out - that's only for catching output from sloppy webapps too lazy to use a real logger. Look in the other log files.
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Why am I Getting org.apache.catalina.realm.JDBCRealm getPassword
SEVERE: Exception performing authentication?
Posted by Jonathan Rosenberg <jr...@tabbysplace.org>.
See below
On Wed, Feb 8, 2012 at 2:59 PM, Mark Thomas <ma...@apache.org> wrote:
> On 08/02/2012 19:52, Jonathan Rosenberg wrote:
>> Mark,
>>
>> Thanks for the reply.
>>
>>>> I don't understand why Tomcat is involved in the authentication (the
>>>> exception happens in org.apache.catalina.realm.JDBCRealm getPassword)
>>>> at this point. As far as I know, the only authentication going on
>>>> should be the CAS authentication used by my app.
>>
>>> This means you are using Tomcat's BASIC authentication.
>>> It appears you do not have CAS configured correctly. Check your web.xml.
>>
>> I'm (obviously) a novice here. Which web.xml should I be checking?
>>
>> - The app's web.xml? (There is mention of anything security-related there).
>>
>> - The 'root' web.xml?
>
> Ah. The joy's of debugging Servlet 3.0 applications. Web fragments were
> such a good idea. Not.
>
> In CATALINA_BASE/conf/context.xml, add the following to the <Context
> .../> element:
>
> logEffectiveWebXml="true"
>
> That will cause Tomcat to log the result of merging the default web.xml,
> host level web.xml, app level web.xml, web fragments and annotations as
> an 'effective' web.xml file. Then look at your app for the CAS config
> and and <login-config .../> sections.
I modified the Context element in context.xml as follows
<Context logEffectiveWebXml="true">
>From reading the docs, I expected to see something in catalina.out.
Nothing new there. Do I need to set the log level somewhere?
--
Jonathan Rosenberg
Founder & Executive Director
Tabby's Place, a Cat Sanctuary
http://www.tabbysplace.org/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Why am I Getting org.apache.catalina.realm.JDBCRealm getPassword
SEVERE: Exception performing authentication?
Posted by Mark Thomas <ma...@apache.org>.
On 08/02/2012 19:52, Jonathan Rosenberg wrote:
> Mark,
>
> Thanks for the reply.
>
>>> I don't understand why Tomcat is involved in the authentication (the
>>> exception happens in org.apache.catalina.realm.JDBCRealm getPassword)
>>> at this point. As far as I know, the only authentication going on
>>> should be the CAS authentication used by my app.
>
>> This means you are using Tomcat's BASIC authentication.
>> It appears you do not have CAS configured correctly. Check your web.xml.
>
> I'm (obviously) a novice here. Which web.xml should I be checking?
>
> - The app's web.xml? (There is mention of anything security-related there).
>
> - The 'root' web.xml?
Ah. The joy's of debugging Servlet 3.0 applications. Web fragments were
such a good idea. Not.
In CATALINA_BASE/conf/context.xml, add the following to the <Context
.../> element:
logEffectiveWebXml="true"
That will cause Tomcat to log the result of merging the default web.xml,
host level web.xml, app level web.xml, web fragments and annotations as
an 'effective' web.xml file. Then look at your app for the CAS config
and and <login-config .../> sections.
> Is there any easy way to tturn on logging for Tomcat's authentication?
I don't think that is going to help much right now.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Why am I Getting org.apache.catalina.realm.JDBCRealm getPassword
SEVERE: Exception performing authentication?
Posted by Jonathan Rosenberg <jr...@tabbysplace.org>.
Mark,
Thanks for the reply.
>> I don't understand why Tomcat is involved in the authentication (the
>> exception happens in org.apache.catalina.realm.JDBCRealm getPassword)
>> at this point. As far as I know, the only authentication going on
>> should be the CAS authentication used by my app.
> This means you are using Tomcat's BASIC authentication.
> It appears you do not have CAS configured correctly. Check your web.xml.
I'm (obviously) a novice here. Which web.xml should I be checking?
- The app's web.xml? (There is mention of anything security-related there).
- The 'root' web.xml?
Is there any easy way to tturn on logging for Tomcat's authentication?
--
Jonathan Rosenberg
Founder & Executive Director
Tabby's Place, a Cat Sanctuary
http://www.tabbysplace.org/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Why am I Getting org.apache.catalina.realm.JDBCRealm getPassword
SEVERE: Exception performing authentication?
Posted by Mark Thomas <ma...@apache.org>.
On 08/02/2012 19:15, Jonathan Rosenberg wrote:
> On Wed, Feb 8, 2012 at 1:41 PM, Mark Thomas <ma...@apache.org> wrote:
>> On 08/02/2012 18:23, Jonathan Rosenberg wrote:
>>> Caused by: com.mysql.jdbc.exceptions.jdbc4.CommunicationsException:
>>> The last packet successfully received from the server was 58,153,867
>>> milliseconds ago. The last packet sent successfully to the server was
>>> 58,153,867 milliseconds ago. is longer than the server configured
>>> value of 'wait_timeout'. You should consider either expiring and/or
>>> testing connection validity before use in your application, increasing
>>> the server configured values for client timeouts, or using the
>>> Connector/J connection property 'autoReconnect=true' to avoid this
>>> problem.
>>
>> Which part of this is unclear?
>
> The message is, indeed, perfectly clear. Did you read my post?
>
> I don't understand why Tomcat is involved in the authentication (the
> exception happens in org.apache.catalina.realm.JDBCRealm getPassword)
> at this point. As far as I know, the only authentication going on
> should be the CAS authentication used by my app.
> SEVERE: Exception performing authentication
> com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionException:
> No operations allowed after connection closed.Connection was
> implicitly closed by the driver.
> at
sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> at
sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
> at
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
> at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
> at com.mysql.jdbc.Util.handleNewInstance(Util.java:409)
> at com.mysql.jdbc.Util.getInstance(Util.java:384)
> at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:1015)
> at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:989)
> at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:984)
> at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:929)
> at
com.mysql.jdbc.ConnectionImpl.throwConnectionClosedException(ConnectionImpl.java:1193)
> at com.mysql.jdbc.ConnectionImpl.getMutex(ConnectionImpl.java:3035)
> at com.mysql.jdbc.ConnectionImpl.commit(ConnectionImpl.java:1612)
> at
org.apache.catalina.realm.JDBCRealm.getPassword(JDBCRealm.java:579)
> at
org.apache.catalina.realm.JDBCRealm.authenticate(JDBCRealm.java:408)
> at
org.apache.catalina.realm.JDBCRealm.authenticate(JDBCRealm.java:355)
> at
org.apache.catalina.realm.CombinedRealm.authenticate(CombinedRealm.java:146)
> at
org.apache.catalina.realm.LockOutRealm.authenticate(LockOutRealm.java:180)
> at
org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:157)
This means you are using Tomcat's BASIC authentication.
It appears you do not have CAS configured correctly. Check your web.xml.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Why am I Getting org.apache.catalina.realm.JDBCRealm getPassword
SEVERE: Exception performing authentication?
Posted by Jonathan Rosenberg <jr...@tabbysplace.org>.
On Wed, Feb 8, 2012 at 1:41 PM, Mark Thomas <ma...@apache.org> wrote:
> On 08/02/2012 18:23, Jonathan Rosenberg wrote:
>> Caused by: com.mysql.jdbc.exceptions.jdbc4.CommunicationsException:
>> The last packet successfully received from the server was 58,153,867
>> milliseconds ago. The last packet sent successfully to the server was
>> 58,153,867 milliseconds ago. is longer than the server configured
>> value of 'wait_timeout'. You should consider either expiring and/or
>> testing connection validity before use in your application, increasing
>> the server configured values for client timeouts, or using the
>> Connector/J connection property 'autoReconnect=true' to avoid this
>> problem.
>
> Which part of this is unclear?
The message is, indeed, perfectly clear. Did you read my post?
I don't understand why Tomcat is involved in the authentication (the
exception happens in org.apache.catalina.realm.JDBCRealm getPassword)
at this point. As far as I know, the only authentication going on
should be the CAS authentication used by my app.
Clear now?
--
Jonathan Rosenberg
Founder & Executive Director
Tabby's Place, a Cat Sanctuary
http://www.tabbysplace.org/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Why am I Getting org.apache.catalina.realm.JDBCRealm getPassword
SEVERE: Exception performing authentication?
Posted by Mark Thomas <ma...@apache.org>.
On 08/02/2012 18:23, Jonathan Rosenberg wrote:
> Caused by: com.mysql.jdbc.exceptions.jdbc4.CommunicationsException:
> The last packet successfully received from the server was 58,153,867
> milliseconds ago. The last packet sent successfully to the server was
> 58,153,867 milliseconds ago. is longer than the server configured
> value of 'wait_timeout'. You should consider either expiring and/or
> testing connection validity before use in your application, increasing
> the server configured values for client timeouts, or using the
> Connector/J connection property 'autoReconnect=true' to avoid this
> problem.
Which part of this is unclear?
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Why am I Getting org.apache.catalina.realm.JDBCRealm getPassword SEVERE: Exception performing authentication?
Posted by Mark Eggers <it...@yahoo.com>.
Jonathan,
This is edited for compactness. Comments mostly inline.
----- Original Message -----
> From: Jonathan Rosenberg <jr...@tabbysplace.org>
> To: Tomcat Users List <us...@tomcat.apache.org>
> Cc:
> Sent: Wednesday, February 8, 2012 10:23 AM
> Subject: Re: Why am I Getting org.apache.catalina.realm.JDBCRealm getPassword SEVERE: Exception performing authentication?
>
> On Wed, Feb 8, 2012 at 1:08 PM, Konstantin Kolinko
> <kn...@gmail.com> wrote:
>> 2012/2/8 Jonathan Rosenberg <jr...@tabbysplace.org>:
>>> Vital statistics:
>>>
>>> Apache Tomcat/7.0.22 1.6.0_22-b04 Sun Microsystems Inc.
> Linux
>>>
>>> 1) Using org.apache.catalina.realm.UserDatabaseRealm for
>>> authentication to Manager app. No pooling.
>>> 2) Running a Grails app that is using CAS authentication on remote
>>> server. Using dbcp pooling.
>>> 3) App & Tomcat auth use different DBs App's DB is remote,
> Tomcat is
>>> using local DB server.
>>> 4) App is in testing & lightly used during the day. Works fine.
>>> 5) App sits idle over night.
>>>
>>> If I access my app first thing in the morning, I get the following
>>>
>>> Feb 8, 2012 9:09:58 AM org.apache.catalina.realm.JDBCRealm getPassword
>>
>> JDBCRealm does not use pooling. (The recommended alternative that uses
>> pooling is DataSourceRealm).
>>
>> It does not match your configuration description above, so I am
>> confused. Maybe you can inspect your configuration more closely and
>> find where this realm comes from.
>
> Good point. I have the following Realms in server.xml:
>
> <Realm className="org.apache.catalina.realm.LockOutRealm">
> <Realm className="org.apache.catalina.realm.JDBCRealm"
> debug="99"
> driverName="com.mysql.jdbc.Driver"
> connectionURL="jdbc:mysql://localhost/Tomcat?user=baba&password=booey"
> userTable="users" userNameCol="username"
> userCredCol="password"
> userRoleTable="user_roles" roleNameCol="rolename"/>
This indicates that you're using a JDBCRealm. There are lots of problems with this which are mentioned in the documentation.
It's synchronous - only one connection is providing this information. This may not be a problem if your application is not heavily used. Then again, it may.
It's subject to whatever timeouts your database (MySQL) enforces for idle connections. This is why the connection is closed overnight.
For MySQL, autoReconnect=true is problematic, and has been commented on in both this mailing list and on the MySQL forums. In short, do not depend on autoReconnect.
Also, from what I just skimmed on the Tomcat site, debug is no longer a valid attribute (maybe from Tomcat 5.0?).
>>> To me this looks like a DB timeout issue to be solved by pooling. But
>>> here's where I'm confused:
And you are correct, this needs to be solved by pooling. You need to be using a DataSourceRealm rather than a JDBCRealm for this.
The documentation is a little scattered the last time I checked, but I did write up a consolidated version on the Wiki. Check the following link:
http://wiki.apache.org/tomcat/TomcatDataSourceRealms
You'll need to change the validationQuery on the Resource definition from the example since it's different for different databases.
>>> 1) I'm trying to authenticate via CAS. Tomcat authentication
> should
>>> not be an issue. Why is Tomcat trying to authenticate?
You have a JDBCRealm which makes a connection to a MySQL database. Are you using this for authentication / authorization? If so, see above on how to move to a DataSourceRealm. If not, why do you have this Realm in your configuration?
>>> 2) After this exception, my app gets repeated connection failures
>>> complaining about closed DB connections. But I am using dbcp pooling,
>>> which I;ve done many times without problems. I feel as is this is
>>> related to the Tomcat auth failure.
>>> 3) I have to reload the app to make things start working.
Stale connections get terminated by the database. autoReconnect would solve this, but it really doesn't. Busy sites slow down because there's only one connection providing the information.
. . . . just my two cents.
/mde/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Why am I Getting org.apache.catalina.realm.JDBCRealm getPassword
SEVERE: Exception performing authentication?
Posted by Jonathan Rosenberg <jr...@tabbysplace.org>.
On Wed, Feb 8, 2012 at 1:08 PM, Konstantin Kolinko
<kn...@gmail.com> wrote:
> 2012/2/8 Jonathan Rosenberg <jr...@tabbysplace.org>:
>> Vital statistics:
>>
>> Apache Tomcat/7.0.22 1.6.0_22-b04 Sun Microsystems Inc. Linux
>>
>> 1) Using org.apache.catalina.realm.UserDatabaseRealm for
>> authentication to Manager app. No pooling.
>> 2) Running a Grails app that is using CAS authentication on remote
>> server. Using dbcp pooling.
>> 3) App & Tomcat auth use different DBs App's DB is remote, Tomcat is
>> using local DB server.
>> 4) App is in testing & lightly used during the day. Works fine.
>> 5) App sits idle over night.
>>
>> If I access my app first thing in the morning, I get the following
>>
>> Feb 8, 2012 9:09:58 AM org.apache.catalina.realm.JDBCRealm getPassword
>
> JDBCRealm does not use pooling. (The recommended alternative that uses
> pooling is DataSourceRealm).
>
> It does not match your configuration description above, so I am
> confused. Maybe you can inspect your configuration more closely and
> find where this realm comes from.
Good point. I have the following Realms in server.xml:
<Realm className="org.apache.catalina.realm.LockOutRealm">
<Realm className="org.apache.catalina.realm.JDBCRealm" debug="99"
driverName="com.mysql.jdbc.Driver"
connectionURL="jdbc:mysql://localhost/Tomcat?user=baba&password=booey"
userTable="users" userNameCol="username" userCredCol="password"
userRoleTable="user_roles" roleNameCol="rolename"/>
>> SEVERE: Exception performing authentication
>> com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionException:
>> No operations allowed after connection closed.Connection was
>> implicitly closed by the driver.
>> at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
>> . . . .
>
> The full stacktrace may help to find where this call comes from. (Re:
> your question "Why is Tomcat trying to authenticate?").
>
> "newInstance0()", so it tries to create an instance of some class?
Here it is.
Feb 8, 2012 9:09:58 AM org.apache.catalina.realm.JDBCRealm getPassword
SEVERE: Exception performing authentication
com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionException:
No operations allowed after connection closed.Connection was
implicitly closed by the driver.
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:409)
at com.mysql.jdbc.Util.getInstance(Util.java:384)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:1015)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:989)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:984)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:929)
at com.mysql.jdbc.ConnectionImpl.throwConnectionClosedException(ConnectionImpl.java:1193)
at com.mysql.jdbc.ConnectionImpl.getMutex(ConnectionImpl.java:3035)
at com.mysql.jdbc.ConnectionImpl.commit(ConnectionImpl.java:1612)
at org.apache.catalina.realm.JDBCRealm.getPassword(JDBCRealm.java:579)
at org.apache.catalina.realm.JDBCRealm.authenticate(JDBCRealm.java:408)
at org.apache.catalina.realm.JDBCRealm.authenticate(JDBCRealm.java:355)
at org.apache.catalina.realm.CombinedRealm.authenticate(CombinedRealm.java:146)
at org.apache.catalina.realm.LockOutRealm.authenticate(LockOutRealm.java:180)
at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:157)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:544)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:100)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:929)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:405)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:964)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:515)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:302)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
at java.lang.Thread.run(Thread.java:662)
Caused by: com.mysql.jdbc.exceptions.jdbc4.CommunicationsException:
The last packet successfully received from the server was 58,153,867
milliseconds ago. The last packet sent successfully to the server was
58,153,867 milliseconds ago. is longer than the server configured
value of 'wait_timeout'. You should consider either expiring and/or
testing connection validity before use in your application, increasing
the server configured values for client timeouts, or using the
Connector/J connection property 'autoReconnect=true' to avoid this
problem.
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:409)
at com.mysql.jdbc.SQLError.createCommunicationsException(SQLError.java:1118)
at com.mysql.jdbc.MysqlIO.send(MysqlIO.java:3321)
at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:1940)
at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:2113)
at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2568)
at com.mysql.jdbc.PreparedStatement.executeInternal(PreparedStatement.java:2113)
at com.mysql.jdbc.PreparedStatement.executeQuery(PreparedStatement.java:2275)
at org.apache.catalina.realm.JDBCRealm.getPassword(JDBCRealm.java:557)
... 17 more
Caused by: java.net.SocketException: Broken pipe
at java.net.SocketOutputStream.socketWrite0(Native Method)
at java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:92)
at java.net.SocketOutputStream.write(SocketOutputStream.java:136)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
at com.mysql.jdbc.MysqlIO.send(MysqlIO.java:3302)
... 23 more
>>
>> To me this looks like a DB timeout issue to be solved by pooling. But
>> here's where I'm confused:
>>
>> 1) I'm trying to authenticate via CAS. Tomcat authentication should
>> not be an issue. Why is Tomcat trying to authenticate?
>> 2) After this exception, my app gets repeated connection failures
>> complaining about closed DB connections. But I am using dbcp pooling,
>> which I;ve done many times without problems. I feel as is this is
>> related to the Tomcat auth failure.
>> 3) I have to reload the app to make things start working.
>>
>> I've spent a few days on this, but just made the (theorized)
>> connection between Tomcat auth failure & my app's failures.
>>
>> I'm gonna start digging into this theory but was hoping for some ideas
>> & pointers.
>>
>
> Best regards,
> Konstantin Kolinko
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Why am I Getting org.apache.catalina.realm.JDBCRealm getPassword
SEVERE: Exception performing authentication?
Posted by Konstantin Kolinko <kn...@gmail.com>.
2012/2/8 Jonathan Rosenberg <jr...@tabbysplace.org>:
> Vital statistics:
>
> Apache Tomcat/7.0.22 1.6.0_22-b04 Sun Microsystems Inc. Linux
>
> 1) Using org.apache.catalina.realm.UserDatabaseRealm for
> authentication to Manager app. No pooling.
> 2) Running a Grails app that is using CAS authentication on remote
> server. Using dbcp pooling.
> 3) App & Tomcat auth use different DBs App's DB is remote, Tomcat is
> using local DB server.
> 4) App is in testing & lightly used during the day. Works fine.
> 5) App sits idle over night.
>
> If I access my app first thing in the morning, I get the following
>
> Feb 8, 2012 9:09:58 AM org.apache.catalina.realm.JDBCRealm getPassword
JDBCRealm does not use pooling. (The recommended alternative that uses
pooling is DataSourceRealm).
It does not match your configuration description above, so I am
confused. Maybe you can inspect your configuration more closely and
find where this realm comes from.
> SEVERE: Exception performing authentication
> com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionException:
> No operations allowed after connection closed.Connection was
> implicitly closed by the driver.
> at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> . . . .
The full stacktrace may help to find where this call comes from. (Re:
your question "Why is Tomcat trying to authenticate?").
"newInstance0()", so it tries to create an instance of some class?
>
> To me this looks like a DB timeout issue to be solved by pooling. But
> here's where I'm confused:
>
> 1) I'm trying to authenticate via CAS. Tomcat authentication should
> not be an issue. Why is Tomcat trying to authenticate?
> 2) After this exception, my app gets repeated connection failures
> complaining about closed DB connections. But I am using dbcp pooling,
> which I;ve done many times without problems. I feel as is this is
> related to the Tomcat auth failure.
> 3) I have to reload the app to make things start working.
>
> I've spent a few days on this, but just made the (theorized)
> connection between Tomcat auth failure & my app's failures.
>
> I'm gonna start digging into this theory but was hoping for some ideas
> & pointers.
>
Best regards,
Konstantin Kolinko
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org