?
Solved

j_security_check Authentication Error!

Posted on 2004-09-08
13
Medium Priority
?
1,418 Views
Last Modified: 2008-02-01
Hello all,

Everything seems 2b correct but still I'm unable to aunthenticate. Upon start its calling for login page, when I enter the user/password listed in the tomcat-users.xml its not accepting and redirecting me to the error.html page. Plz check below my files and let me know whtz wrong and how should I proceed for realm stuff...(I also tried user/password present in the database but still redirecting me to error.html)

My web.xml:


........        
<security-constraint>
        <web-resource-collection>
                <web-resource-name>MyFirst</web-resource-name>
                <description> accessible by authenticated users of the tomcat role</description>
                <url-pattern>/resource/*</url-pattern>
                <http-method>GET</http-method>
                <http-method>POST</http-method>
                <http-method>PUT</http-method>
                <http-method>DELETE</http-method>
        </web-resource-collection>
        <auth-constraint>
                <description>These roles are allowed access</description>
                <role-name>tomcat</role-name>
                <role-name>admin</role-name>                
        </auth-constraint>
</security-constraint>

<login-config>
        <auth-method>FORM</auth-method>
        <realm-name>MyFirst Protected Area</realm-name>
        <form-login-config>
                <form-login-page>/resource/login.jsp</form-login-page>
                <form-error-page>/resource/autherr.html</form-error-page>
        </form-login-config>
</login-config>

<security-role>
        <role-name>tomcat</role-name>
        <role-name>admin</role-name>
</security-role>
.....

My tomcat-users.xml (Tomact 5.0 >>conf>>tomcat-users.xml)

.............
<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
  <role rolename="view"/>
  <role rolename="tomcat"/>
  <role rolename="manager"/>
  <role rolename="admin"/>
  <user username="tomcat" password="tomcat" roles="tomcat"/>
  <user username="admin" password="admin" roles="admin,manager"/>
</tomcat-users>

..........

My Server.xml (Tomact 5.0 >>conf>>server.xml)

.....
 <Realm className="org.apache.catalina.realm.JDBCRealm" debug="99" driverName="org.postgressql.Driver"
             connectionURL="jdbc:postgresql://localhost/mmdb"  userTable="users" userNameCol="user_name" userCredCol="user_password"
                   userRoleTable="user_roles" roleNameCol="role_name" />
........

Regards,
Hyd
0
Comment
Question by:princehyderabad
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
13 Comments
 
LVL 11

Expert Comment

by:sompol_kiatkamolchai
ID: 12009059
Do you add that user to role which has permission to access resource?
0
 

Author Comment

by:princehyderabad
ID: 12009272
I didnt get you ? the tomcat.users.xml was there already when I opened the file. what is the method to add plz tell me.
0
 

Author Comment

by:princehyderabad
ID: 12009684
hi sompol, this is the error i found on the console:

Caused by: java.io.IOException: Unable to locate a login configuration at com.sun.security.auth.login.ConfigFile.init(Unknown Source)
      ... 34 more
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:princehyderabad
ID: 12009885
Even my http://localhost:8080/jsp-examples/security/protected/login.jsp 
not showing up. I mean it is asking for user/pass but when I enter tomcat/tomcat or admin/admin its redirecting me to error page.

Seems like I need to fix something globally in security file or somewhere to make my "resource" folder and above "jsp-example" folder get authentication....
0
 

Author Comment

by:princehyderabad
ID: 12012013
Hello Sompol,

This is the latest update, DONT SEE ABOVE COMMENTS. Here is the case now:

If I use this Realm in Server.xml it working:
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"/>

If I use Realm Database in Server.xml it not working: ANYTHING WRONG IN BELOW CODE ?

<Realm className="org.apache.catalina.realm.JDBCRealm" debug="99" driverName="org.postgressql.Driver"  connectionURL="jdbc:postgresql://localhost/mmdb"  userTable="users" userNameCol="user_name" userCredCol="user_password"     userRoleTable="user_roles" roleNameCol="role_name"/>

OR DO i NEED TO MODIFY MY web.xml: See below and let me know.

<security-constraint>
        <web-resource-collection>
                <web-resource-name>MyFirst</web-resource-name>
                <description> accessible by authenticated users of the tomcat role</description>
                <url-pattern>/resource/*</url-pattern>
                <http-method>GET</http-method>
                <http-method>POST</http-method>
                <http-method>PUT</http-method>
                <http-method>DELETE</http-method>
        </web-resource-collection>
        <auth-constraint>
                <description>These roles are allowed access</description>
                <role-name>tomcat</role-name>
                <role-name>Administrator</role-name>                
                <role-name>Read Only</role-name>
        </auth-constraint>
</security-constraint>

<login-config>
        <auth-method>FORM</auth-method>
        <realm-name>MyFirst Protected Area</realm-name>
        <form-login-config>
                <form-login-page>/resource/login.jsp</form-login-page>
                <form-error-page>/resource/autherr.html</form-error-page>
        </form-login-config>
</login-config>

<security-role>
        <description>Only role below is allowed to access this web application</description>
        <role-name>tomcat</role-name>
        <role-name>Administrator</role-name>
       <role-name>Read Only</role-name>
       
</security-role>

MY tomcat-users.xml

<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
  <role rolename="login"/>
  <role rolename="tomcat"/>
  <role rolename="role1"/>
  <role rolename="Administrator"/>
  <role rolename="manager"/>
  <role rolename="admin"/>
  <user username="admin" password="admin" roles="manager"/>
  <user username="a123" password="a123" roles="Administrator,tomcat,admin,manager"/>
</tomcat-users>

OVERALL SUITATION: My Authencation (j_security_check) is working when I type user= a123;  pass=a123 which is saved in the tomcat-users.xml but when I change my Realm setting (ie)
<Realm className="org.apache.catalina.realm.JDBCRealm" debug="99" driverName="org.postgressql.Driver"  connectionURL="jdbc:postgresql://localhost/mmdb"  userTable="users" userNameCol="user_name" userCredCol="user_password"     userRoleTable="user_roles" roleNameCol="role_name"/>
the login page asking user/pass, when I type  user= a123;  pass=a123  sending me to error page ofcourse bcoz this user/pass no in database. But then I type user/pass present in the databse - table, its not accepting either and sending me to error page.

Regards,
H
0
 
LVL 6

Expert Comment

by:CodingExperts
ID: 12012946
I hope u have made users table as well as user_roles table and roles table.Place this code
users : ( user_name,user_pass)
roles  : ( role_name)
user_roles : (user_name,role_name)
<realm classname="org.apache.catalina.realm.JDBCRealm" debug="99"
    drivername="org.postgressql.Driver"
    connectionurl="jdbc:mysql://localhost/tomcatusers?user=test;password=test"
    usertable="users" usernamecol="user_name" usercredcol="user_pass"
    userroletable="user_roles" rolenamecol="role_name"/>

0
 
LVL 6

Expert Comment

by:CodingExperts
ID: 12012996
with aq slight change
<realm classname="org.apache.catalina.realm.JDBCRealm" debug="99"
    drivername="org.postgressql.Driver"
    connectionurl="jdbc:postgressql://localhost/tomcatusers?user=test;password=test"
    usertable="users" usernamecol="user_name" usercredcol="user_pass"
    userroletable="user_roles" rolenamecol="role_name"/>
0
 

Author Comment

by:princehyderabad
ID: 12019017
I think You didnt check my <realm.....
its the same.Also I tried ur change still no use. Any other alternative to solutions.....
0
 

Author Comment

by:princehyderabad
ID: 12019266
Hello Sompol,

My DB is sitting remotely and it doesnt requires password to connect rite now: so here is my realm which is not working: I hope you read my above commit 4 u.

<Realm className="org.apache.catalina.realm.JDBCRealm" debug="99" driverName="org.postgressql.Driver"  connectionURL="jdbc:postgresql://10.7.100.80/mmdb?user=postgres"   userTable="users" userNameCol="user_name" userCredCol="user_password"     userRoleTable="user_roles" roleNameCol="role_name"/>

Thx.
0
 

Author Comment

by:princehyderabad
ID: 12019273
FYI: I tried with this too
connectionURL="jdbc:postgresql://10.7.100.80/mmdb?user=postgres&amp;password="
0
 

Author Comment

by:princehyderabad
ID: 12104456
I GOT THE ANSWER MYSELF THRU OTHER RESOURES:

      <Realm className="org.apache.catalina.realm.JDBCRealm" debug="99" driverName="org.postgresql.Driver"  
      connectionURL="jdbc:postgresql://10.7.100.80:5432/DBNAME"  
      connectionName="postgres" connectionPassword=""
      userTable="users" userNameCol="user_name" userCredCol="user_password"     userRoleTable="user_roles" roleNameCol="role_name"/>
0
 

Accepted Solution

by:
ee_ai_construct earned 0 total points
ID: 12414663
Question answered by asker or dialog valuable.
Closed, 250 points refunded.
ee_ai_construct (replacement part #xm34)
Community Support Admin
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introducing Priority Question, our latest feature.
Hey fellow admins! This time, I have a little fairy tale for you. As many tales do, it starts boring and then gets pretty gory. I hope you like it. TL;DR: It is about an important security matter, you should read it if you run or administer Windows …
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question