I have Tomcat 5.5.4 configured with basic authentication through a JNDI named JDBC connection pool. The Resource and Realm are specified in META-INF/context.xml. The resource-ref and security-constraint are specified in WEB-INF/web.xml (releveant parts included at the end of this message).
There are 3 users assigned roles in the db (MySQL 4.1.8). Sometimes I am seeing one or more of these users fail to authenticate, even though moments before they were able to authenticate. Usually, 1 of the users can still authenticate but the other 2 cannot (though I have seen all 3 fail). Restarting Tomcat usually fixes the problem (though sometimes several restarts are required). I am using IE, Firefox, Java code making HttpUrlConnections, and Apache Axis code making SOAP requests so I'm pretty sure the issue is with Tomcat and not with the component making the request. To the best of my knowledge, when authentication fails, it is failing on the same Authorization header that was succeeding moments before (from watching the access logs and packet sniffing). The problem is inconsistent but frustrating and important for us to figure out. Has anyone seen this kind of behavior? Does anyone have any suggestions for how I can isolate the problem further? thx --- context.xml --- <Resource name="jdbc/mydb" auth="Container" type="javax.sql.DataSource" maxActive="64" maxIdle="16" maxWait="10000" driverClassName="com.mysql.jdbc.Driver" url="jdbc:mysql://localhost/MYDB" username="user" password="pass" /> <Realm className="org.apache.catalina.realm.DataSourceRealm" localDataSource="true" dataSourceName="jdbc/mydb" userTable="user" userNameCol="name" userCredCol="password" userRoleTable="role" roleNameCol="rolename" digest="SHA" /> --- web.xml --- <resource-ref> <description>my database</description> <res-ref-name>jdbc/mydb</res-ref-name> <res-type>javax.sql.DataSource</res-type> <res-auth>Container</res-auth> </resource-ref> <security-constraint> <web-resource-collection> <web-resource-name>Authentication</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>myRole</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>My Realm</realm-name> </login-config> <security-role> <role-name>myRole</role-name> </security-role> --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]