Good Morning Rian-

I would suggest having a look at and following all of the steps in the JDBC How to tutorial at http://tomcat.apache.org/tomcat-3.3-doc/JDBCRealm-howto.html the important item here is to exercise the basic functionality of generating a digested MD5 password which can be accomplished with command line
java org.apache.tomcat.modules.aaa.RealmBase -a MD5 <password>
where password is the plain text password to be digested
Anyone else ??
Martin --

This email message and any files transmitted with it contain confidential
information intended only for the person(s) to whom this email message is
addressed.  If you have received this email message in error, please notify
the sender immediately by telephone or email and destroy the original
message without making a copy.  Thank you.

----- Original Message ----- From: "Rian Brand" <[EMAIL PROTECTED]>
To: <users@tomcat.apache.org>
Sent: Saturday, May 20, 2006 9:01 AM
Subject: JDBCRealm authentication failing with MD5


Hi all



I am trying to set up a security realm on Tomcat using JDBCRealm and MD5
encryption. It works perfectly when using plain text, but it fails the
moment I switch to a MD5 digest. I have been through the documentation,
forums and FAQ's but I am afraid I can not resolve this on my own, so help
would be appreciated.



When attempting to login, the logfile simply states:

JDBCRealm[/asdf]: Username username1 NOT successfully authenticated



I checked and when generating the MD5 with the command line it seems the
same. I have tried to play with the database character encoding, without
success. If this is the incorrect, please point it out.



The relevant section of the context file is:

<Realm className="org.apache.catalina.realm.JDBCRealm" debug="99"

   digest="MD5"

     driverName="org.gjt.mm.mysql.Driver"


connectionURL="jdbc:mysql://localhost:3306/mydb?user=myusername&amp;password
=mypassword"

      userTable="authuser" userNameCol="uname" userCredCol="passwd"

  userRoleTable="user_roles" roleNameCol="role_name"/>



In the web.xml, the relevant section is:

    <security-constraint>

     <display-name> Security Constraint</display-name>

     <web-resource-collection>

        <web-resource-name>Protected Area</web-resource-name>

<!--         Define the context-relative URL(s) to be protected -->

        <url-pattern>*.htm</url-pattern>

     </web-resource-collection>

     <auth-constraint>

        <!-- Anyone with one of the listed roles may access this area -->

        <role-name>operations</role-name>

     </auth-constraint>

   </security-constraint>



   <!-- Default login configuration uses form-based authentication -->

   <login-config>

     <auth-method>FORM</auth-method>

     <realm-name>My Authentication Area</realm-name>

     <form-login-config>

       <form-login-page>/WEB-INF/jsp/login.jsp</form-login-page>

       <form-error-page>/WEB-INF/jsp/error.jsp</form-error-page>

     </form-login-config>

   </login-config>



   <!-- Security roles referenced by this web application -->

   <security-role>

     <role-name>operations</role-name>

   </security-role>



The relevant part of the database schema is as follows:

CREATE TABLE authuser (

 id int(4) UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,

 uname varchar(25) NOT NULL UNIQUE default ''
COMMENT 'Username',

 passwd varchar(32) NOT NULL default ''
COMMENT 'Encrypted password',

 INDEX FKIndexUserId (id)

) ENGINE=InnoDB DEFAULT CHARSET=latin1 COMMENT='Users table';



CREATE TABLE user_roles (

id int(4) UNSIGNED NOT NULL PRIMARY KEY AUTO_INCREMENT COMMENT 'Id',

 uname                                    varchar(15) not null
COMMENT 'name, same as in Authuser table',

 role_name                               varchar(15) not null
COMMENT 'Role this user is allowed',

 CONSTRAINT CSconstraint FOREIGN KEY (uname) REFERENCES authuser(uname)

);

ALTER TABLE user_roles ADD UNIQUE(uname, role_name);



Finally, at the risk of making the mail too long, here is the relevant parts
login.jsp:

<form method="POST" action='<%= response.encodeURL("j_security_check") %>' >

<table cellspacing="0" cellpadding="0" align="center" width="700">

           <tr>

<td valign="top" class="main_table" colspan="2"><br>

                       <b class="blue"> Log into system </b>

                       <hr align="left">

                       <br>

                       <table cellspacing="0" cellpadding="0">

                                   <tr>


<td>&nbsp;&nbsp;&nbsp;&nbsp;
<img src="Images/lock1.jpg" alt="">


&nbsp;&nbsp;&nbsp;&nbsp;</td>

                                               <td>

                                               <table>

                                                           <tr>

                                                                       <td
align="right" class="input_table_td">Username:</td>

                                                                       <td
class="input_table_td"><input type="text" name="j_username"></td>

                                                           </tr>

                                                           <tr>

                                                                       <td
align="right" class="input_table_td2">Password:</td>

                                                                       <td
class="input_table_td2"><input type="password" name="j_password"></td>

                                                           </tr>

                                                           <tr>

                                                       <td
align="right"><input type="submit" value="Log In"></td>

                                                           </tr>

                                               </table>

                                               </td>

                                   </tr>

                       </table>

           </form>



I am using:

Tomcat 5.0

MySql 4.1.7nt

JDK 1.4



Thank you in advance



Rian



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to