You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by "Propes, Barry L " <ba...@citi.com> on 2009/02/10 18:49:59 UTC
Tomcat 4.1 security container
Hello, TC developers and users,
I have an interesting issue with my setup to my Oracle connection. I've
been using DBCP for some time in my configuration.
Recently, our Oracle DBAs reassigned the IP address of the server.
Where I show oraservername in my param attribute, I previously ran the
IP address, 192.188.55.553 (e.g.).
FYI, I am running TC 4.1.31 on a Win2K box, using Oracle 10g.
In my server.xml file, I have the following:
------------------------------
<Resource name="jdbc/myoracle" auth="Container"
type="javax.sql.DataSource"/>
<ResourceParams name="jdbc/myoracle">
<parameter>
<name>factory</name>
<value>org.apache.commons.dbcp.BasicDataSourceFactory</value>
</parameter>
<parameter>
<name>driverClassName</name>
<value>oracle.jdbc.OracleDriver</value>
</parameter>
<parameter>
<name>url</name>
<value>jdbc:oracle:thin:@oraservername:1526:CWOPS</value>
</parameter>
<parameter>
<name>username</name>
<value>user_name</value>
</parameter>
<parameter>
<name>password</name>
<value>pass_word</value>
</parameter>
<parameter>
<name>maxActive</name>
<value>125</value>
</parameter>
<parameter>
<name>maxIdle</name>
<value>15</value>
</parameter>
<parameter>
<name>maxWait</name>
<value>7000</value>
</parameter>
<parameter>
<name>removeAbandoned</name>
<value>true</value>
</parameter>
<parameter>
<name>removeAbandonedTimeout</name>
<value>30</value>
</parameter>
<parameter>
<name>logAbandoned</name>
<value>true</value>
</parameter>
<parameter>
<name>minEvictableIdleTimeMillis</name>
<value>5000</value>
</parameter>
<!-- added by BP - per Daniel Stephens email ref-->
<parameter>
<name>timeBetweenEvictionRunsMillis</name>
<value>10000</value>
</parameter>
<parameter>
<name>testWhileIdle</name>
<value>true</value>
</parameter>
</ResourceParams>
------------------------------
Ok, on my desktop/dev environment, I can connect with this and hit the
data I am trying to query, no problem. The problem I am running into is
when I try to log in, the security container doesn't want to seem to
work. Could this be due to any kind of DB caching from Oracle?
Would I need to clean out the work folder or subfolders?
I've tried altering some servlets and recompiling them, and while it
redeploys the war file, some old connection or rather something cached
that tries to use the old connection, or specs to the old connection,
seems to be getting referenced.
I am stumped on this, as it appears I can hit items outside the security
container, just not in them.
If anyone knows what could be causing this, I welcome any feedback, and
let me know if I need to supply any other background regarding this.
I did check the catalina output log and it shows this:
======================================================
2009-02-10 10:22:34 JDBCRealm[Standalone]: Exception performing
authentication
java.sql.SQLException: Io exception: The Network Adapter could not
establish the connection
at oracle.jdbc.dbaccess.DBError.throwSqlException(DBError.java:134)
at oracle.jdbc.dbaccess.DBError.throwSqlException(DBError.java:179)
at oracle.jdbc.dbaccess.DBError.throwSqlException(DBError.java:334)
at
oracle.jdbc.driver.OracleConnection.<init>(OracleConnection.java:418)
at
oracle.jdbc.driver.OracleDriver.getConnectionInstance(OracleDriver.java:
521)
at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:325)
at org.apache.catalina.realm.JDBCRealm.open(JDBCRealm.java:598)
at org.apache.catalina.realm.JDBCRealm.authenticate(JDBCRealm.java:343)
at
org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAut
henticator.java:227)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authenticator
Base.java:432)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i
nvokeNext(StandardPipeline.java:594)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
33)
==========================================================
Not sure though why I get this for the login failure, when the previous
attempt will work ok.
Regards,
Barry Propes
Citimortgage, Inc.
Workflow Enhancements
(972)657-1128
RE: Tomcat 4.1 security container
Posted by "Propes, Barry L " <ba...@citi.com>.
YOU DA MAN, Chris!!
THAT WAS IT!
-----Original Message-----
From: Christopher Schultz [mailto:chris@christopherschultz.net]
Sent: Tuesday, February 10, 2009 2:33 PM
To: Tomcat Users List
Subject: Re: Tomcat 4.1 security container
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Barry,
On 2/10/2009 12:49 PM, Propes, Barry L wrote:
> I did check the catalina output log and it shows this:
> ======================================================
> 2009-02-10 10:22:34 JDBCRealm[Standalone]: Exception performing
> authentication
> java.sql.SQLException: Io exception: The Network Adapter could not
> establish the connection at
> oracle.jdbc.dbaccess.DBError.throwSqlException(DBError.java:134)
> at oracle.jdbc.dbaccess.DBError.throwSqlException(DBError.java:179)
> at oracle.jdbc.dbaccess.DBError.throwSqlException(DBError.java:334)
> at
> oracle.jdbc.driver.OracleConnection.<init>(OracleConnection.java:418)
> at
>
oracle.jdbc.driver.OracleDriver.getConnectionInstance(OracleDriver.java:
> 521)
> at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:325)
> at org.apache.catalina.realm.JDBCRealm.open(JDBCRealm.java:598)
Note that this is a JDBCRealm, not a DataSourceRealm. That means that
your JDBC configuration for the realm is probably specified in the
<Realm> section of your server.xml, not your <Resource>.
I suspect that your application JDBC connections work just fine, but
your authentications do not work. Check your <Realm>... I'll bet there's
a second set of JDBC connection details there.
Note that you can use a DataSourceRealm and share your JDBC connections
between the app and the authenticator. Some folks object to doing that,
but I find it convenient for configuration /and/ for resource
management.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkmR5JMACgkQ9CaO5/Lv0PB7NQCgrqDJ6x7fvmeUq1te53oJzdn0
E70An1TQpYiEvcjYKjR/x8KhJszeQ2uG
=JzoU
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Tomcat 4.1 security container
Posted by "Propes, Barry L " <ba...@citi.com>.
Thanks, Chris -- I'll double check that!
Been a while since I edited the server.xml doc at all - haven't added
much to the app lately.
Thanks!
-----Original Message-----
From: Christopher Schultz [mailto:chris@christopherschultz.net]
Sent: Tuesday, February 10, 2009 2:33 PM
To: Tomcat Users List
Subject: Re: Tomcat 4.1 security container
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Barry,
On 2/10/2009 12:49 PM, Propes, Barry L wrote:
> I did check the catalina output log and it shows this:
> ======================================================
> 2009-02-10 10:22:34 JDBCRealm[Standalone]: Exception performing
> authentication
> java.sql.SQLException: Io exception: The Network Adapter could not
> establish the connection at
> oracle.jdbc.dbaccess.DBError.throwSqlException(DBError.java:134)
> at oracle.jdbc.dbaccess.DBError.throwSqlException(DBError.java:179)
> at oracle.jdbc.dbaccess.DBError.throwSqlException(DBError.java:334)
> at
> oracle.jdbc.driver.OracleConnection.<init>(OracleConnection.java:418)
> at
>
oracle.jdbc.driver.OracleDriver.getConnectionInstance(OracleDriver.java:
> 521)
> at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:325)
> at org.apache.catalina.realm.JDBCRealm.open(JDBCRealm.java:598)
Note that this is a JDBCRealm, not a DataSourceRealm. That means that
your JDBC configuration for the realm is probably specified in the
<Realm> section of your server.xml, not your <Resource>.
I suspect that your application JDBC connections work just fine, but
your authentications do not work. Check your <Realm>... I'll bet there's
a second set of JDBC connection details there.
Note that you can use a DataSourceRealm and share your JDBC connections
between the app and the authenticator. Some folks object to doing that,
but I find it convenient for configuration /and/ for resource
management.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkmR5JMACgkQ9CaO5/Lv0PB7NQCgrqDJ6x7fvmeUq1te53oJzdn0
E70An1TQpYiEvcjYKjR/x8KhJszeQ2uG
=JzoU
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Tomcat 4.1 security container
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Barry,
On 2/10/2009 12:49 PM, Propes, Barry L wrote:
> I did check the catalina output log and it shows this:
> ======================================================
> 2009-02-10 10:22:34 JDBCRealm[Standalone]: Exception performing
> authentication
> java.sql.SQLException: Io exception: The Network Adapter could not
> establish the connection
> at oracle.jdbc.dbaccess.DBError.throwSqlException(DBError.java:134)
> at oracle.jdbc.dbaccess.DBError.throwSqlException(DBError.java:179)
> at oracle.jdbc.dbaccess.DBError.throwSqlException(DBError.java:334)
> at
> oracle.jdbc.driver.OracleConnection.<init>(OracleConnection.java:418)
> at
> oracle.jdbc.driver.OracleDriver.getConnectionInstance(OracleDriver.java:
> 521)
> at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:325)
> at org.apache.catalina.realm.JDBCRealm.open(JDBCRealm.java:598)
Note that this is a JDBCRealm, not a DataSourceRealm. That means that
your JDBC configuration for the realm is probably specified in the
<Realm> section of your server.xml, not your <Resource>.
I suspect that your application JDBC connections work just fine, but
your authentications do not work. Check your <Realm>... I'll bet there's
a second set of JDBC connection details there.
Note that you can use a DataSourceRealm and share your JDBC connections
between the app and the authenticator. Some folks object to doing that,
but I find it convenient for configuration /and/ for resource management.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkmR5JMACgkQ9CaO5/Lv0PB7NQCgrqDJ6x7fvmeUq1te53oJzdn0
E70An1TQpYiEvcjYKjR/x8KhJszeQ2uG
=JzoU
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org