Jonathan,

On 6/8/18 10:33 AM, Jonathan Kilach wrote:
> I have Tomcat 8.5 installed on Windows 7. The unit is functional,
> no errors. I am working with an open source web app (Open Baraza
> from
> https://sourceforge.net/projects/obsacco/files/?source=navbar) and
> have it successfully installed, I suppose the database is correctly
> set as it is able to open the web app interface.
> 
> However, in the login screen of the webapp (Open Baraza) once I
> input the login prompts for user name and password I am unable to
> log in due to password/username do not match. I am sure of the
> username and password since I can access the table from pg admin
> to see them and also it is the default for the app as per initial
> setup. I suppose there is more configuration needed to be done on
> realm authentication as below are the errors generated in the *log
> file* by Tomcat

Do you know if the application manages logins or if the container
(Tomcat) does?

> Help me configure realm if that is where the error is so that I
> can log in to the app
> 
> *Error message generated by catalina logfiles.*
> 
> 08-Jun-2018 00:27:52.856 INFO [localhost-startStop-1] 
> org.apache.catalina.startup.HostConfig.deployDirectory Deploying 
> web application directory [C:\tomcat8.5\webapps\baraza]
> 08-Jun-2018 00:27:52.884 WARNING [localhost-startStop-1] 
> org.apache.tomcat.util.digester.SetPropertiesRule.begin 
> [SetPropertiesRule]{Context/Realm} Setting property 'digest' to 
> 'md5' did not find a matching property.

That's a BIG RED FLAG right there.

If the application is using md5 hashes to store its passwords, it's
very poorly written. Fortunately, there is a migration path to
non-crappy security[1].

> ------------------------------------------------------- *realm 
> class configuration in /config/server.xml*
> 
> <Realm className="org.apache.catalina.realm.DataSourceRealm" 
> dataSourceName="jdbc/authority" userTable="entitys" 
> userNameCol="user_name" userCredCol="entity_password" 
> userRoleTable="entitys" roleNameCol="function_role"/>
> 
> </Realm>

Tomcat doesn't use /config/server.xml. Is that a part of a local
customization?

The content looks okay, other than "entities" being misspelled. I'd be
surprised if the "userTable" and the "userRoleTable" are supposed to
be the same thing. Usually, user-to-role is a many-to-many
relationship, not a one-to-one kind of thing. Unless users have
exactly one role.

> ____________________________________ *context configuration in 
> /config/context.xml*
> 
> <Context>
> 
> <Resource name="jdbc/postgres" auth="Container"
> type="javax.sql.DataSource"
> driverClassName="org.postgresql.Driver"
> url="jdbc:postgresql://127.0.0.1:5432/sacco"
> username="postgres" password="********" maxTotal="20" maxIdle="10"
> maxWaitMillis="-1"/>
> 
> 
> </Context>

That looks okay except:

1. /config/context.xml isn't a usual Tomcat configuration file. Local
customization?

2. If /config/context.xml is really CATALINA_BASE/conf/context.xml,
then that <Resource> is available to every single web application in
the whole container. It would be better to put that <Resource> into
your application's META-INF/context.xml file instead of the global one.

> _______________________________ *context configuration in 
> /META-INF/context.xml*
> 
> <Context crossContext="true" reloadable="true">
> 
> <Realm userTable="entitys"
> connectionURL="jdbc:postgresql://localhost/sacco"
> connectionPassword="*******"
> userNameCol="user_name" roleNameCol="function_role"
> userCredCol="entity_password" digest="md5"
> className="org.apache.catalina.realm.JDBCRealm"
> userRoleTable="entitys"
> driverName="org.postgresql.Driver"
> connectionName="postgres"></Realm>
> 
> <Resource maxActive="150" maxIdle="50" username="postgres" 
> name="jdbc/postgres" maxWait="50" removeAbandoned="true" 
> driverClassName="org.postgresql.Driver"
> type="javax.sql.DataSource" password="********"
> url="jdbc:postgresql://localhost/sacco" auth="Container"
> removeAbandonedTimeout="50"></Resource>
> 
> </Context>

Okay, so all of that stuff is in two places at once. Given the warning
you are getting about the digest="md5" in the log file, Tomcat is
clearly building the DataSource in your META-INF/context.xml file.

If you are going to be defining both the <Realm> and the <Resource> in
META-INF/context.xml, then you need to add localDataSource="true" to
the <Realm> so it knows it's not a "global data source", coming from
server.xml in <GlobalNamingResources>. I would recommend not putting
any of this in server.xml.

Hope that helps,
-chris

[1] http://tomcat.apache.org/presentations.html [search for "seamless
upgrades"]
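
Added example, not part of the original message and not the poster's or the Open Baraza project's file: one way the application's META-INF/context.xml could look with the `<Resource>` and `<Realm>` defined together, `localDataSource="true"` set, and the rejected `digest="md5"` attribute replaced by Tomcat 8.5's nested `<CredentialHandler>`. Assumptions: the stored values in `entity_password` are unsalted hex MD5, the realm should use the `jdbc/postgres` pool defined in the same file, and the password and PBKDF2 parameters are placeholders.

```xml
<!-- Added example: META-INF/context.xml inside the web application. -->
<Context>

  <!-- Pool private to this application. maxTotal / maxWaitMillis are the
       Tomcat 8.5 (DBCP 2) attribute names used in the poster's global file. -->
  <Resource name="jdbc/postgres" auth="Container"
            type="javax.sql.DataSource"
            driverClassName="org.postgresql.Driver"
            url="jdbc:postgresql://localhost/sacco"
            username="postgres" password="CHANGE_ME_PLACEHOLDER"
            maxTotal="20" maxIdle="10" maxWaitMillis="-1"/>

  <!-- localDataSource="true": resolve jdbc/postgres in this Context
       instead of <GlobalNamingResources> in server.xml. -->
  <Realm className="org.apache.catalina.realm.DataSourceRealm"
         dataSourceName="jdbc/postgres" localDataSource="true"
         userTable="entitys" userNameCol="user_name"
         userCredCol="entity_password"
         userRoleTable="entitys" roleNameCol="function_role">

    <!-- Tomcat 8.5 has no digest attribute on <Realm>; credential hashing
         is configured with a nested CredentialHandler instead. -->
    <CredentialHandler
        className="org.apache.catalina.realm.NestedCredentialHandler">

      <!-- Tried first, and used when new credentials are generated.
           Iteration count, key length and salt length are illustrative. -->
      <CredentialHandler
          className="org.apache.catalina.realm.SecretKeyCredentialHandler"
          algorithm="PBKDF2WithHmacSHA512"
          iterations="100000" keyLength="256" saltLength="16"/>

      <!-- Fallback so rows still holding the old MD5 value keep matching
           (assumption: unsalted hex MD5). Remove once all rows are migrated. -->
      <CredentialHandler
          className="org.apache.catalina.realm.MessageDigestCredentialHandler"
          algorithm="MD5"/>
    </CredentialHandler>
  </Realm>

</Context>
```

Tomcat only verifies logins against these handlers; replacing a stored MD5 value with a PBKDF2 one has to be done by the application or an administrative process, for example at the user's next password change.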