ihateuselessitbooks
asked on
Tomcat memory realm security issue?
I've changed the server.xml for Tomcat 6, added the necessary files in web.xml for a website. I'm getting my login page and login error page coming up, asking for user/password, but the user/password is not working. I think possibly I'm missing some code from server.xml when Tomcat starts up...heres the line of code I added inside the <engine>...
<Realm className="org.apache.cata lina.realm .MemoryRea lm"/>
The web.xml looks to be exactly what is required with roles and security constraints.
Any initial ideas?
<Realm className="org.apache.cata
The web.xml looks to be exactly what is required with roles and security constraints.
Any initial ideas?
can u post server.xml flie
Have you added the users, roles and password to the $CATALINA_BASE/conf/tomcat -users.xml file? Since you have not specified a path, Tomcat will try to load the memory realm data from this default file.
ASKER
w<?xml version='1.0' encoding='utf-8'?>
<Server port="9076" shutdown="SHUTDOWN">
<!--APR library loader. Documentation at /docs/apr.html -->
<Listener className="org.apache.cata lina.core. AprLifecyc leListener " SSLEngine="on" />
<!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html -->
<Listener className="org.apache.cata lina.core. JasperList ener" />
<!-- JMX Support for the Tomcat server. Documentation at /docs/non-existent.html -->
<Listener className="org.apache.cata lina.mbean s.ServerLi fecycleLis tener" />
<Listener className="org.apache.cata lina.mbean s.GlobalRe sourcesLif ecycleList ener" />
<GlobalNamingResources>
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina. UserDataba se"
description="User database that can be updated and saved"
factory="org.apache.catali na.users.M emoryUserD atabaseFac tory"
pathname="conf/tomcat-user s.xml" />
</GlobalNamingResources>
<Service name="Catalina">
<Connector port="9078" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<Connector port="9077" protocol="AJP/1.3" redirectPort="8443" />
<Engine name="Catalina" defaultHost="localhost">
<Realm className="org.apache.cata lina.realm .UserDatab aseRealm"
resourceName="UserDatabase "/>
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
<Realm className="org.apache.cata lina.realm .MemoryRea lm"/>
<Context path="/jazzensemble"
docBase="/apache-tomcat-6. 0.18"
debug="1"
reloadable="true" >
</Context>
</Host>
</Engine>
</Service>
</Server>
<Server port="9076" shutdown="SHUTDOWN">
<!--APR library loader. Documentation at /docs/apr.html -->
<Listener className="org.apache.cata
<!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html -->
<Listener className="org.apache.cata
<!-- JMX Support for the Tomcat server. Documentation at /docs/non-existent.html -->
<Listener className="org.apache.cata
<Listener className="org.apache.cata
<GlobalNamingResources>
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.
description="User database that can be updated and saved"
factory="org.apache.catali
pathname="conf/tomcat-user
</GlobalNamingResources>
<Service name="Catalina">
<Connector port="9078" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<Connector port="9077" protocol="AJP/1.3" redirectPort="8443" />
<Engine name="Catalina" defaultHost="localhost">
<Realm className="org.apache.cata
resourceName="UserDatabase
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
<Realm className="org.apache.cata
<Context path="/jazzensemble"
docBase="/apache-tomcat-6.
debug="1"
reloadable="true" >
</Context>
</Host>
</Engine>
</Service>
</Server>
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
interesting, I didn't realize Tomcat could not use 2 realms at a time. I'll have to look in that.
ASKER
not convinced 100% that Tomcat cannot use 2 realms, but you've peaked my curiousity...