• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Devaka Cooray
  • Knute Snortum
  • Paul Clapham
  • Tim Cooke
Sheriffs:
  • Liutauras Vilda
  • Jeanne Boyarsky
  • Bear Bibeault
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Ron McLeod
  • Piet Souris
  • Frits Walraven
Bartenders:
  • Ganesh Patekar
  • Tim Holloway
  • salvin francis

Tomcat authentication problem  RSS feed

 
Greenhorn
Posts: 11
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello everybody!

I'm using tomcat 7.0 for my jsf2.0 project. I need a BASIC JDBCRealm authentication with 3 different roles (sounds easy)... but somehow I can't get logged in no matter what I try.

I have a MySQL 5.5 DB set up and running and put the connector jar in the tomcats lib folder.

Furthermore there are two tables in my DB containing the users and their roles as described in the tomcat quick start guide.

Thats what I added to my server.xml:


Thats what I added to my web.xml:


When I try to access a page in the /admin folder the login pops up. I enter user: admin pwd: 123 as I got it in my table and nothing happens. I can enter it two more times until a 401 Error Page shows up.

If I enter a false password on the first try I get the following console message on the other tries:
10.07.2011 20:51:43 org.apache.catalina.realm.LockOutRealm authenticate
WARNING: An attempt was made to authenticate the locked user "admin"


Thanks in advance
 
Bartender
Posts: 20765
124
Android Eclipse IDE Java Linux Redhat Tomcat Server
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Take another look at your server.xml file. It appears that there's more than one Realm defined, and the JDBCRealm you specified isn't the one being used - it's using a LockOutRealm.

If you don't find the LockOutRealm definition in server.xml, look for an overriding deployment descriptor (context xml) file in TOMCAT_HOME/conf/Catalina/localhost. Also check the WAR for a META-INF/context.xml file.
 
Stefan Ramirez
Greenhorn
Posts: 11
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Tim Holloway wrote:Take another look at your server.xml file. It appears that there's more than one Realm defined, and the JDBCRealm you specified isn't the one being used - it's using a LockOutRealm.

If you don't find the LockOutRealm definition in server.xml, look for an overriding deployment descriptor (context xml) file in TOMCAT_HOME/conf/Catalina/localhost. Also check the WAR for a META-INF/context.xml file.



Hey Tim!

Thanks for your time... unfortunately, even after deleting all other realms from the server.xml the problem persists and the LockOutRealm still seems to be active. I'm deploying my project via eclipse helios ... could this be part of the problem? The mentioned folder TOMCAT_HOME/conf/Catalina/localhost is empty and in my projects META-INF folder there's only the manifest.
 
Tim Holloway
Bartender
Posts: 20765
124
Android Eclipse IDE Java Linux Redhat Tomcat Server
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
One of the things that I loathe about WTP is that it mucks around with the Tomcat server configuration. Your original server.xml doesn't count; WTP cloned it and the clone copy probably still has the LockOutRealm in it, since that's not a Realm that's active by default. Your problem will probably magically go away if you run Tomcat stand-alone or under a less obnoxious Eclipse J2EE module like the sysdeo one.

Of course, you can also regenerate the server config using WTP if you prefer to do so, but I can't help much on that. As you may have inferred, I don't have in-depth expertise on WTP, and it's largely due to all the "magic" it does to Tomcat. And the fact that the "magic" can't extend itself to the kinds of extended environments I often run in.
 
Stefan Ramirez
Greenhorn
Posts: 11
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Tim Holloway wrote:One of the things that I loathe about WTP is that it mucks around with the Tomcat server configuration. Your original server.xml doesn't count; WTP cloned it and the clone copy probably still has the LockOutRealm in it, since that's not a Realm that's active by default. Your problem will probably magically go away if you run Tomcat stand-alone or under a less obnoxious Eclipse J2EE module like the sysdeo one.



Thats what it did ;-/

Thanks again! Much appreciated.
 
Try 100 things. 2 will work out, but you will never know in advance which 2. This tiny ad might be one:
how do I do my own kindle-like thing - without amazon
https://coderanch.com/t/711421/engineering/kindle-amazon
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!