---- oh...@cox.net wrote:
>
> ---- oh...@cox.net wrote:
> >
> > ---- Konstantin Kolinko <knst.koli...@gmail.com> wrote:
> > > 2012/5/17 <oh...@cox.net>:
> > > > Hi,
> > > >
> > > > I'm trying to debug some problems while enabling JNDIRealm in Tomcat
> > > > 6.0.33.
> > > >
> > > > I've gotten Tomcat itself to output debug logging, but looking at the
> > > > JNDIRealm.java code, e.g.:
> > > >
> > > > http://www.docjar.com/html/api/org/apache/catalina/realm/JNDIRealm.java.html
> > > >
> > > > It looks like there's a bunch of debug output that the Java code *can*
> > > > output.
> > > >
> > > > The problem is that I don't know how to enable that debug
> > > > output/logging?
> > > >
> > > > I'm assuming that something needs to be added to the Tomcat
> > > > logging.properties, but can anyone tell me what that should be to get
> > > > the messages such as would be output by the following code in
> > > > JNDIRealm.java:
> > > >
> > > > 1044 if (username == null || username.equals("")
> > > > 1045 || credentials == null || credentials.equals("")) {
> > > > 1046 if (containerLog.isDebugEnabled())
> > > > 1047 containerLog.debug("username null or empty:
> > > > returning null principal.");
> > > > 1048 return (null);
> > > >
> > >
> > >
> > > See
> > > http://tomcat.apache.org/tomcat-6.0-doc/logging.html#Servlets_logging_API
> > >
> > > The "containerLog" writes to a category that has name similar to the
> > > following:
> > > org.apache.catalina.core.ContainerBase.[${engine}].[${host}].[${context}]
> > >
> > > If your realm in in Context, then you will get the full name.
> > > If it is in Host, you will get [engine][host] only,
> > > and so on.
> > >
> > >
> > > You may also want to run under debugger,
> > > http://wiki.apache.org/tomcat/FAQ/Developing#Debugging
> > >
> > > Best regards,
> > > Konstantin Kolinko
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> > > For additional commands, e-mail: users-h...@tomcat.apache.org
> > >
> >
> > Konstantin,
> >
> > Here's a partial stripped down version of my server.xml, to show the
> > JNDIRealm part in context. I guess that it's in the <Engine>?
> >
> > So, how do I enable the output from the JNDIRealm?
> >
> > I checked the link you included, but it reflected what you said, but I'm
> > unclear about exactly what I need to do (e.g., add to logging.properties)
> > to get the debug output?
> >
> > Thanks,
> > Jim
> >
> > P.S. Per other responses, if you could help explain, it might clarify
> > things for others on the mailing list, who also appear to not know how to
> > do this?
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> > For additional commands, e-mail: users-h...@tomcat.apache.org
> >
>
>
> P.P.S. In case it helps, here is my current logging.properties:
>
>
> # Licensed to the Apache Software Foundation (ASF) under one or more
> # contributor license agreements. See the NOTICE file distributed with
> # this work for additional information regarding copyright ownership.
> # The ASF licenses this file to You under the Apache License, Version 2.0
> # (the "License"); you may not use this file except in compliance with
> # the License. You may obtain a copy of the License at
> #
> # http://www.apache.org/licenses/LICENSE-2.0
> #
> # Unless required by applicable law or agreed to in writing, software
> # distributed under the License is distributed on an "AS IS" BASIS,
> # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
> # See the License for the specific language governing permissions and
> # limitations under the License.
>
> handlers = 1catalina.org.apache.juli.FileHandler,
> 2localhost.org.apache.juli.FileHandler, 3manager.org.apache.juli.FileHandler,
> 4host-manager.org.apache.juli.FileHandler, java.util.logging.ConsoleHandler
>
> .handlers = 1catalina.org.apache.juli.FileHandler,
> java.util.logging.ConsoleHandler
>
> ############################################################
> # Handler specific properties.
> # Describes specific configuration info for Handlers.
> ############################################################
>
> 1catalina.org.apache.juli.FileHandler.level = FINE
> 1catalina.org.apache.juli.FileHandler.directory = ${catalina.base}/logs
> 1catalina.org.apache.juli.FileHandler.prefix = catalina.
>
> # JL - FOLLOWING ADDED FOR DEBUG PER:
> http://dev-answers.blogspot.com/2010/03/enable-debugtrace-level-logging-for.html
> 1catalina.org.apache.juli.FileHandler.bufferSize = -1
>
> 2localhost.org.apache.juli.FileHandler.level = FINE
> 2localhost.org.apache.juli.FileHandler.directory = ${catalina.base}/logs
> 2localhost.org.apache.juli.FileHandler.prefix = localhost.
>
> 3manager.org.apache.juli.FileHandler.level = FINE
> 3manager.org.apache.juli.FileHandler.directory = ${catalina.base}/logs
> 3manager.org.apache.juli.FileHandler.prefix = manager.
>
> 4host-manager.org.apache.juli.FileHandler.level = FINE
> 4host-manager.org.apache.juli.FileHandler.directory = ${catalina.base}/logs
> 4host-manager.org.apache.juli.FileHandler.prefix = host-manager.
>
> java.util.logging.ConsoleHandler.level = FINE
> java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter
>
>
> ############################################################
> # Facility specific properties.
> # Provides extra control for each logger.
> ############################################################
>
>
> # JL - FOLLOWING ADDED FOR DEBUG PER:
> http://dev-answers.blogspot.com/2010/03/enable-debugtrace-level-logging-for.html
> # This would turn on trace-level for everything
> # the possible levels are: SEVERE, WARNING, INFO, CONFIG, FINE, FINER, FINEST
> or ALL
> #org.apache.catalina.level = ALL
> #org.apache.catalina.handlers = 2localhost.org.apache.juli.FileHandler
> org.apache.catalina.realm.level = ALL
> org.apache.catalina.realm.useParentHandlers = true
> org.apache.catalina.authenticator.level = ALL
> org.apache.catalina.authenticator.useParentHandlers = true
>
>
> org.apache.catalina.core.ContainerBase.[Catalina].[localhost].level = INFO
> org.apache.catalina.core.ContainerBase.[Catalina].[localhost].handlers =
> 2localhost.org.apache.juli.FileHandler
>
> org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/manager].level
> = INFO
> org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/manager].handlers
> = 3manager.org.apache.juli.FileHandler
>
> org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/host-manager].level
> = INFO
> org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/host-manager].handlers
> = 4host-manager.org.apache.juli.FileHandler
>
> # For example, to log debug messages in ContextConfig and HostConfig
> # classes and to log only warnings and errors in other
> # org.apache.catalina.** classes, uncomment these lines:
> #org.apache.catalina.startup.ContextConfig.level = FINE
> #org.apache.catalina.startup.HostConfig.level = FINE
> #org.apache.catalina.level = WARNING
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
Hi,
Oops. In my previous email, I forgot to paste in the server.xml snippet with
the realm :(....
<Server port="8005" shutdown="SHUTDOWN">
<!--APR library loader. Documentation at /docs/apr.html -->
<Listener className="org.apache.catalina.core.AprLifecycleListener"
SSLEngine="on" />
<!--Initialize Jasper prior to webapps are loaded. Documentation at
/docs/jasper-howto.html -->
<Listener className="org.apache.catalina.core.JasperListener" />
<!-- Prevent memory leaks due to use of particular java/javax APIs-->
<Listener
className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
<!-- JMX Support for the Tomcat server. Documentation at
/docs/non-existent.html -->
<Listener className="org.apache.catalina.mbeans.ServerLifecycleListener" />
<Listener
className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
<!-- Global JNDI resources
Documentation at /docs/jndi-resources-howto.html
-->
<GlobalNamingResources>
<!-- Editable user database that can also be used by
UserDatabaseRealm to authenticate users
-->
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml" />
</GlobalNamingResources>
<Service name="Catalina">
<!-- A "Connector" represents an endpoint by which requests are received
and responses are returned. Documentation at :
Java HTTP Connector: /docs/config/http.html (blocking & non-blocking)
Java AJP Connector: /docs/config/ajp.html
APR (HTTP/AJP) Connector: /docs/apr.html
Define a non-SSL HTTP/1.1 Connector on port 8080
-->
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
<Engine name="Catalina" defaultHost="localhost">
<Realm className="org.apache.catalina.realm.JNDIRealm"
connectionName="cn=XXXX"
connectionPassword="YYYYYYY"
connectionURL="ldap://oidoif:6501";
userPassword="userPassword"
userPattern="cn={0},cn=users,dc=whatever,dc=com"
roleBase="cn=groups,dc=whatever,dc=com"
roleName="cn"
debug="9"
roleSearch="(uniqueMember={0})"
/>
<!-- Define the default virtual host
Note: XML Schema validation will not work with Xerces 2.2.
-->
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
</Host>
</Engine>
</Service>
</Server>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
