Troubleshooting in JDBC/Postgres Authentication Example
Question
I am trying to teach myself Java Servlets and JSP, and I am having an issue with authenticating with Tomcat 7 and Postgres 9.1.
It seems to be error free (Tomcat is not throwing any JAVA errors in its log file) and working however it is missing something because it never lets me authenticate. Almost like the username and password does not match whats in my table spaces within postgres.
Is there a way to introduce extra logging into my code so that I can see what is being queried and what is being returned and why there is a mismatch. This will certainly help my troubleshooting efforts.
For your information I am attaching my context.xml (META_INF), web.xml (WEB_INF) and my login html)
I appreciate your help
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
version="2.5">
<!-- Define two security roles -->
<security-role>
<description>customer service testers</description>
<role-name>testing</role-name>
</security-role>
<security-role>
<description>system developers</description>
<role-name>developer</role-name>
</security-role>
<!-- Restrict access to all files in the /admin folder -->
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/admin/*</url-pattern>
</web-resource-collection>
<!-- Authorize the programmer and service roles -->
<auth-constraint>
<role-name>developer</role-name>
<role-name>testing</role-name>
</auth-constraint>
</security-constraint>
<!-- Use form-based authentication -->
<!--<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/admin/login.html</form-login-page>
<form-error-page>/admin/login_error.html</form-error-page>
</form-login-config>
</login-config>
-->
<!-- Use basic authentication -->
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Admin Login</realm-name>
</login-config>
<session-config>
<session-timeout>30</session-timeout>
</session-config>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
</web-app>
<?xml version="1.0" encoding="UTF-8"?>
<Context path="/AUTHExample">
<Realm className="org.apache.catalina.realm.JDBCRealm" debug="99"
driverName="org.postgresql.Driver"
connectionURL="jdbc:postgresql://localhost:5432/mydb"
connectionName="postgres" connectionPassword="postgres"
userTable="userpass" userNameCol="user" userCredCol="passwd"
userRoleTable="userrole" roleNameCol="rolename"
/>
</Context>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<title>Learning to Authenticate</title>
</head>
<body>
<h1>Admin Login Form</h1>
<p>Please enter your username and password to continue.</p>
<table cellspacing="5" border="0">
<form action="j_security_check" method="get">
<tr>
<td align="right">Username</td>
<td><input type="text" name="j_username"></td>
</tr>
<tr>
<td align="right">Password</td>
<td><input type="password" name="j_password"></td>
</tr>
<tr>
<td><input type="submit" value="Login"></td>
</tr>
</form>
</table>
</body>
</html>
1 answers
solution1
0 ACCPTED 2013-04-14 06:17:34
Ok, so I solved my problem and considering how often this seems to come up I thought I would answer it for future people who stumble across it.
The problem I was having above was due to different column names for username in the user/password table and the rolename table. SQL had assigned it "user" instead of user.
Of note, if the role isnt defined properly in the web.xml, a 403 error displays when the username and password is correct.
Hope that was a help
Thank you
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.