form auth does work, only j_security_check is not found.
vVolf
> -----Oryginalna wiadomooeæ-----
> Od: Ignacio J. Ortega [mailto:[EMAIL PROTECTED]]
> Wys³ano: 5 marca 2001 09:52
> Do: '[EMAIL PROTECTED]'
> Temat: RE: JDBC Realm not triggering
>
>
> Please revise http://localhost:8080/examples/jsp/security/protected ..
>
> The problem is that you need to access a protected resource for FORM
> auth to work.., not directly the Login form....in the config below ..
> you need to acess a url with the form
> http://localhost:8080/context/pwAdmin/ i.e ( i dont know the
> exact name
> of the context .. try substitute "context" with the right one
> ).. after
> that Tomcat tries to authenticate the user prior to access
> the resource
> .. showing the login form.. when you make a correct
> authentication.. it
> redirect the form the login page to the original protected resource ..
> does not have sense to try to access directly the login form..
>
>
> Saludos ,
> Ignacio J. Ortega
>
>
> > -----Mensaje original-----
> > De: Herchel Wojciech [mailto:[EMAIL PROTECTED]]
> > Enviado el: lunes 5 de marzo de 2001 8:14
> > Para: '[EMAIL PROTECTED]'
> > Asunto: ODP: JDBC Realm not triggering
> >
> >
> > same problem here - still don't know how to solve it :(
> >
> > vVolf
> >
> >
> > > -----Oryginalna wiadomooec-----
> > > Od: Mike Slinn [mailto:[EMAIL PROTECTED]]
> > > Wyslano: 2 marca 2001 18:59
> > > Do: [EMAIL PROTECTED]
> > > Temat: JDBC Realm not triggering
> > >
> > >
> > > I feel like I sailed off the edge of the known universe,
> > > because there isn't
> > > much documentation for form-based authentication using JDBC
> > realms (at
> > > least, none that I could find, beyond the short
> > > JDBCRealm.howto included in
> > > the TomCat docs).
> > >
> > > I am using Windows NT Server 4sp6 with JDK1.3 and Tomcat 3.2.1.
> > >
> > > I made the following changes to server.xml:
> > >
> > > <!-- <RequestInterceptor
> > > className="org.apache.tomcat.request.SimpleRealm"
> > > debug="0" /> -->
> > > <RequestInterceptor
> className="org.apache.tomcat.request.JDBCRealm"
> > > debug="99"
> > > driverName="org.gjt.mm.mysql.Driver"
> > > connectionURL="jdbc:mysql://blahblah.com:3306/database"
> > > connectionName="secret"
> > > connectionPassword="secret"
> > > userTable="Users" userNameCol="userId"
> > userCredCol="userPassword"
> > > userRoleTable="UserPriv" roleNameCol="privLevel" />
> > >
> > > The database tables exist, exactly as shown in
> > > <RequestInterceptor>, since
> > > mySql is case-sensitive w.r.t. table names.
> > >
> > > Here is a piece of my web.xml:
> > >
> > > <security-constraint>
> > > <web-resource-collection>
> > > <web-resource-name>developer</web-resource-name>
> > > <url-pattern>/pwAdmin/*</url-pattern>
> > > <url-pattern>/pwModerator/*</url-pattern>
> > > <url-pattern>/pwNormal/*</url-pattern>
> > > <url-pattern>/pwPortal/*</url-pattern>
> > > <url-pattern>/pwTest/*</url-pattern>
> > > <http-method>get</http-method>
> > > <http-method>post</http-method>
> > > </web-resource-collection>
> > >
> > > <auth-constraint>
> > > <role-name>developer</role-name>
> > > </auth-constraint>
> > >
> > > <user-data-constraint>
> > > <transport-guarantee>NONE</transport-guarantee>
> > > </user-data-constraint>
> > > </security-constraint>
> > >
> > > <login-config>
> > > <auth-method>FORM</auth-method>
> > > <realm-name>JDBC</realm-name>
> > > <form-login-config>
> > > <form-login-page>/index.html</form-login-page>
> > > <form-error-page>/register.jsp</form-error-page>
> > > </form-login-config>
> > > </login-config>
> > >
> > > <security-role>
> > > <role-name>developer</role-name>
> > > </security-role>
> > >
> > >
> > > Here is the authentication form:
> > > <form method="POST" action="j_security_check">
> > > Login id: <input type="text" name="j_username" size="8"
> > > class=formStyle><br>
> > > Password: <input type="password" name="j_password" size="8"
> > > class=formStyle><br>
> > > <input type="submit" value=" Log In " name="LogIn"
> > > class=formStyle>
> > > </form>
> > >
> > >
> > > When I press the submit button, I get the following error:
> > > HTTP 404 - File not found
> > > The url reported is http://localhost:8080/j_security_check
> > >
> > > Somehow the form action is not being picked up by the
> > TomCat security
> > > mechanism. What have I missed?
> > >
> > > A few more questions:
> > > - If I omit <transport-guarantee>, does it default to NONE?
> > > - Is it possible to use * for <http-method> to specify
> > that all HTTP
> > > methods are to be subject to security?
> > > - I would like to use a numeric column in the database to
> > > store the user
> > > authentication level, rather than a text string. Can the
> > > JDBC realm be set
> > > up to work this way?
> > > - I found very little documentation regarding form-based
> > > authentication
> > > using JDBC realms. Can you point me to some more?
> > >
> > > ... thanks
> > > Mike
> > >
> > >
> > >
> >
> ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > For additional commands, email:
> [EMAIL PROTECTED]
> > >
> >
> >
> ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, email: [EMAIL PROTECTED]
> >
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, email: [EMAIL PROTECTED]
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
