Solved

j_security_check Authentication Error!

Posted on 2004-09-08
13
1,413 Views
Last Modified: 2008-02-01
Hello all,

Everything seems 2b correct but still I'm unable to aunthenticate. Upon start its calling for login page, when I enter the user/password listed in the tomcat-users.xml its not accepting and redirecting me to the error.html page. Plz check below my files and let me know whtz wrong and how should I proceed for realm stuff...(I also tried user/password present in the database but still redirecting me to error.html)

My web.xml:


........        
<security-constraint>
        <web-resource-collection>
                <web-resource-name>MyFirst</web-resource-name>
                <description> accessible by authenticated users of the tomcat role</description>
                <url-pattern>/resource/*</url-pattern>
                <http-method>GET</http-method>
                <http-method>POST</http-method>
                <http-method>PUT</http-method>
                <http-method>DELETE</http-method>
        </web-resource-collection>
        <auth-constraint>
                <description>These roles are allowed access</description>
                <role-name>tomcat</role-name>
                <role-name>admin</role-name>                
        </auth-constraint>
</security-constraint>

<login-config>
        <auth-method>FORM</auth-method>
        <realm-name>MyFirst Protected Area</realm-name>
        <form-login-config>
                <form-login-page>/resource/login.jsp</form-login-page>
                <form-error-page>/resource/autherr.html</form-error-page>
        </form-login-config>
</login-config>

<security-role>
        <role-name>tomcat</role-name>
        <role-name>admin</role-name>
</security-role>
.....

My tomcat-users.xml (Tomact 5.0 >>conf>>tomcat-users.xml)

.............
<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
  <role rolename="view"/>
  <role rolename="tomcat"/>
  <role rolename="manager"/>
  <role rolename="admin"/>
  <user username="tomcat" password="tomcat" roles="tomcat"/>
  <user username="admin" password="admin" roles="admin,manager"/>
</tomcat-users>

..........

My Server.xml (Tomact 5.0 >>conf>>server.xml)

.....
 <Realm className="org.apache.catalina.realm.JDBCRealm" debug="99" driverName="org.postgressql.Driver"
             connectionURL="jdbc:postgresql://localhost/mmdb"  userTable="users" userNameCol="user_name" userCredCol="user_password"
                   userRoleTable="user_roles" roleNameCol="role_name" />
........

Regards,
Hyd
0
Comment
Question by:princehyderabad
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
13 Comments
 
LVL 11

Expert Comment

by:sompol_kiatkamolchai
ID: 12009059
Do you add that user to role which has permission to access resource?
0
 

Author Comment

by:princehyderabad
ID: 12009272
I didnt get you ? the tomcat.users.xml was there already when I opened the file. what is the method to add plz tell me.
0
 

Author Comment

by:princehyderabad
ID: 12009684
hi sompol, this is the error i found on the console:

Caused by: java.io.IOException: Unable to locate a login configuration at com.sun.security.auth.login.ConfigFile.init(Unknown Source)
      ... 34 more
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:princehyderabad
ID: 12009885
Even my http://localhost:8080/jsp-examples/security/protected/login.jsp 
not showing up. I mean it is asking for user/pass but when I enter tomcat/tomcat or admin/admin its redirecting me to error page.

Seems like I need to fix something globally in security file or somewhere to make my "resource" folder and above "jsp-example" folder get authentication....
0
 

Author Comment

by:princehyderabad
ID: 12012013
Hello Sompol,

This is the latest update, DONT SEE ABOVE COMMENTS. Here is the case now:

If I use this Realm in Server.xml it working:
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"/>

If I use Realm Database in Server.xml it not working: ANYTHING WRONG IN BELOW CODE ?

<Realm className="org.apache.catalina.realm.JDBCRealm" debug="99" driverName="org.postgressql.Driver"  connectionURL="jdbc:postgresql://localhost/mmdb"  userTable="users" userNameCol="user_name" userCredCol="user_password"     userRoleTable="user_roles" roleNameCol="role_name"/>

OR DO i NEED TO MODIFY MY web.xml: See below and let me know.

<security-constraint>
        <web-resource-collection>
                <web-resource-name>MyFirst</web-resource-name>
                <description> accessible by authenticated users of the tomcat role</description>
                <url-pattern>/resource/*</url-pattern>
                <http-method>GET</http-method>
                <http-method>POST</http-method>
                <http-method>PUT</http-method>
                <http-method>DELETE</http-method>
        </web-resource-collection>
        <auth-constraint>
                <description>These roles are allowed access</description>
                <role-name>tomcat</role-name>
                <role-name>Administrator</role-name>                
                <role-name>Read Only</role-name>
        </auth-constraint>
</security-constraint>

<login-config>
        <auth-method>FORM</auth-method>
        <realm-name>MyFirst Protected Area</realm-name>
        <form-login-config>
                <form-login-page>/resource/login.jsp</form-login-page>
                <form-error-page>/resource/autherr.html</form-error-page>
        </form-login-config>
</login-config>

<security-role>
        <description>Only role below is allowed to access this web application</description>
        <role-name>tomcat</role-name>
        <role-name>Administrator</role-name>
       <role-name>Read Only</role-name>
       
</security-role>

MY tomcat-users.xml

<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
  <role rolename="login"/>
  <role rolename="tomcat"/>
  <role rolename="role1"/>
  <role rolename="Administrator"/>
  <role rolename="manager"/>
  <role rolename="admin"/>
  <user username="admin" password="admin" roles="manager"/>
  <user username="a123" password="a123" roles="Administrator,tomcat,admin,manager"/>
</tomcat-users>

OVERALL SUITATION: My Authencation (j_security_check) is working when I type user= a123;  pass=a123 which is saved in the tomcat-users.xml but when I change my Realm setting (ie)
<Realm className="org.apache.catalina.realm.JDBCRealm" debug="99" driverName="org.postgressql.Driver"  connectionURL="jdbc:postgresql://localhost/mmdb"  userTable="users" userNameCol="user_name" userCredCol="user_password"     userRoleTable="user_roles" roleNameCol="role_name"/>
the login page asking user/pass, when I type  user= a123;  pass=a123  sending me to error page ofcourse bcoz this user/pass no in database. But then I type user/pass present in the databse - table, its not accepting either and sending me to error page.

Regards,
H
0
 
LVL 6

Expert Comment

by:CodingExperts
ID: 12012946
I hope u have made users table as well as user_roles table and roles table.Place this code
users : ( user_name,user_pass)
roles  : ( role_name)
user_roles : (user_name,role_name)
<realm classname="org.apache.catalina.realm.JDBCRealm" debug="99"
    drivername="org.postgressql.Driver"
    connectionurl="jdbc:mysql://localhost/tomcatusers?user=test;password=test"
    usertable="users" usernamecol="user_name" usercredcol="user_pass"
    userroletable="user_roles" rolenamecol="role_name"/>

0
 
LVL 6

Expert Comment

by:CodingExperts
ID: 12012996
with aq slight change
<realm classname="org.apache.catalina.realm.JDBCRealm" debug="99"
    drivername="org.postgressql.Driver"
    connectionurl="jdbc:postgressql://localhost/tomcatusers?user=test;password=test"
    usertable="users" usernamecol="user_name" usercredcol="user_pass"
    userroletable="user_roles" rolenamecol="role_name"/>
0
 

Author Comment

by:princehyderabad
ID: 12019017
I think You didnt check my <realm.....
its the same.Also I tried ur change still no use. Any other alternative to solutions.....
0
 

Author Comment

by:princehyderabad
ID: 12019266
Hello Sompol,

My DB is sitting remotely and it doesnt requires password to connect rite now: so here is my realm which is not working: I hope you read my above commit 4 u.

<Realm className="org.apache.catalina.realm.JDBCRealm" debug="99" driverName="org.postgressql.Driver"  connectionURL="jdbc:postgresql://10.7.100.80/mmdb?user=postgres"   userTable="users" userNameCol="user_name" userCredCol="user_password"     userRoleTable="user_roles" roleNameCol="role_name"/>

Thx.
0
 

Author Comment

by:princehyderabad
ID: 12019273
FYI: I tried with this too
connectionURL="jdbc:postgresql://10.7.100.80/mmdb?user=postgres&amp;password="
0
 

Author Comment

by:princehyderabad
ID: 12104456
I GOT THE ANSWER MYSELF THRU OTHER RESOURES:

      <Realm className="org.apache.catalina.realm.JDBCRealm" debug="99" driverName="org.postgresql.Driver"  
      connectionURL="jdbc:postgresql://10.7.100.80:5432/DBNAME"  
      connectionName="postgres" connectionPassword=""
      userTable="users" userNameCol="user_name" userCredCol="user_password"     userRoleTable="user_roles" roleNameCol="role_name"/>
0
 

Accepted Solution

by:
ee_ai_construct earned 0 total points
ID: 12414663
Question answered by asker or dialog valuable.
Closed, 250 points refunded.
ee_ai_construct (replacement part #xm34)
Community Support Admin
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Ready to improve network connectivity? Watch this webinar to learn how SD-WANs and a one-click instant connect tool can boost provisions, deployment, and management of your cloud connection.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: Justin
In light of the WannaCry ransomware attack that affected millions of Windows machines, you might wonder if your Mac needs protecting. Yes, it does and here is how to do it.
If you need a simple but flexible process for maintaining an audit trail of who created, edited, or deleted data from a table, or multiple tables, and you can do all of your work from within a form, this simple Audit Log will work for you.
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question