Thanks to those who were kind enough to share their suggestions/comments. The problem was a subtle but important one: in server.xml ==> roleNameCol="role_name", but in the database there is no column called "role_name"; accidentally, the column's name is "user_role"!

Baris...

--- Rick Fincher <[EMAIL PROTECTED]> wrote:
> Hi Baris,
>
> I tried:
> java -classpath CATALINA_HOME/server/lib/catalina.jar org.apache.catalina.realm.RealmBase -a MD5 aksu
>
> And got:
> aksu:394e654ca65973f232653fb0008c603d
>
> So that seems to be working correctly. You may want to try changing
> <auth-method>BASIC</auth-method>, to <auth-method>DIGEST</auth-method>.
> Since the browser is getting the password you want it to be digested
> before it goes out on the net for security unless you are using SSL.
> Then it gets encrypted anyway and digesting just protects your
> passwords from observation on the server side.
> This might require you to turn off digest in the realm.
>
> You can also increase the debug level in the realm and see what the
> log files say.
>
> Hope this helps,
>
> Rick
>
> ----- Original Message -----
> From: "ahmet dalli" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Tuesday, August 27, 2002 3:14 AM
> Subject: Tomcat Realms with Digested Passwords -Urgent- ( A little longish...)
>
> > Hi all,
> >
> > I am trying to use JDBCRealm to store user login
> > information in an oracle database. I am working on a
> > Windows2000 machine, using jdk1.4, and Tomcat4.0.4.
> >
> > In server.xml, I have this configuration:
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > <Realm
> >   className="org.apache.catalina.realm.JDBCRealm"
> >   debug="99"
> >   driverName="oracle.jdbc.driver.OracleDriver"
> >   connectionURL="jdbc:oracle:thin:usr/pass@host:1521:ORCL"
> >   userTable="users" userNameCol="user_name"
> >   userCredCol="user_pass" userRoleTable="user_roles"
> >   roleNameCol="role_name" digest="MD5" />
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >
> > In an Oracle8i database, I have a table called "users"
> > which has two columns named "user_name" and
> > "user_pass"; and yet another one called
> > "user_roles" with two columns named "user_name" and
> > "user_role".
> >
> > When I store user passwords in cleartext, everything
> > works fine.
> >
> > I want to store passwords in a digested form. So, I
> > have used the following code to store a user_name :
> > baris, user_pass : aksu and user_role : director.
> >
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > import org.apache.catalina.realm.RealmBase;
> > import java.io.*;
> > import java.sql.*;
> >
> > public class DigestDene {
> >   public static void main(String[] args) {
> >     try {
> >       String username = args[0];
> >       String password = args[1];
> >       String role = args[2];
> >       String digested = RealmBase.Digest(password, "MD5");
> >       //Here, code that connects to the database
> >       /* ...... */
> >       stmt.executeUpdate("insert into users values('" + username + "', '" + digested + "')");
> >       stmt.executeUpdate("insert into user_roles values ('" + username + "', '" + role + "')");
> >     }
> >     catch(Exception ex) {}
> >   }
> > }
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > Then, I have inserted my user's info from the
> > command-line with :
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^
> > java DigestDene baris aksu director
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > After this, I have these values in the database :
> > (in table users)
> > USER_NAME       USER_PASS
> > --------------- ------------------------
> > baris           394e654ca65973f232653fb0008c603d
> >
> > (in table user_roles)
> > USER_NAME           USER_ROLE
> > ------------------- ---------
> > baris               director
> >
> > Lastly, in web.xml I have these lines :
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > <security-constraint>
> >   <web-resource-collection>
> >     <web-resource-name>Protected Basla Servlet</web-resource-name>
> >     <url-pattern>/servlet/IlkGirisServlet</url-pattern>
> >   </web-resource-collection>
> >   <auth-constraint>
> >     <role-name>director</role-name>
> >   </auth-constraint>
> >   <user-data-constraint>
> >     <transport-guarantee>NONE</transport-guarantee>
> >   </user-data-constraint>
> > </security-constraint>
> > <login-config>
> >   <auth-method>BASIC</auth-method>
> > </login-config>
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > When I try to access my protected resource, I am
> > presented with the classic login screen for BASIC
> > authentication, and after I type "baris" for username
> > and "aksu" for password, Tomcat doesn't simply let me
> > in.
> >
> > Any suggestions or comments will be greatly
> > appreciated.
> >
> > Baris.....

--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
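
An added example, not part of the thread and not Tomcat code: a preflight check that compares the JDBCRealm table and column attributes in server.xml with the columns that actually exist, which flags the roleNameCol mismatch described at the top of this message. The in-memory SQLite schema is a constructed stand-in for the Oracle tables, and `sample_db`, `table_columns` and `check_realm` are hypothetical names.

```python
import sqlite3
import xml.etree.ElementTree as ET

# Constructed sample: the <Realm> from the thread, connection details omitted.
SERVER_XML = """<Server><Realm className="org.apache.catalina.realm.JDBCRealm"
  userTable="users" userNameCol="user_name" userCredCol="user_pass"
  userRoleTable="user_roles" roleNameCol="role_name" digest="MD5" /></Server>"""

# Constructed stand-in for the Oracle tables described in the thread.
SCHEMA = """CREATE TABLE users (user_name TEXT, user_pass TEXT);
CREATE TABLE user_roles (user_name TEXT, user_role TEXT);"""

# Column attribute -> table attributes whose table must contain that column.
# userNameCol is looked up in both the user table and the role table.
COLUMN_ATTRS = {
    "userNameCol": ("userTable", "userRoleTable"),
    "userCredCol": ("userTable",),
    "roleNameCol": ("userRoleTable",),
}

def sample_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn

def table_columns(conn, table):
    # Bound parameter, so a table name from the config is never spliced into SQL.
    rows = conn.execute("SELECT name FROM pragma_table_info(?)", (table,))
    return {name.lower() for (name,) in rows}  # compare case-insensitively

def check_realm(server_xml, conn):
    """Return one message per realm attribute that names a missing table or column."""
    problems = []
    for realm in ET.fromstring(server_xml).iter("Realm"):
        if not realm.get("className", "").endswith("JDBCRealm"):
            continue
        for col_attr, table_attrs in COLUMN_ATTRS.items():
            for table_attr in table_attrs:
                column, table = realm.get(col_attr), realm.get(table_attr)
                if column is None or table is None:
                    problems.append(f"{col_attr}/{table_attr}: attribute not set")
                    continue
                cols = table_columns(conn, table)
                if not cols:
                    problems.append(f"{table_attr}={table!r}: table not found")
                elif column.lower() not in cols:
                    problems.append(f"{col_attr}={column!r}: no such column in "
                                    f"{table!r}, which has {sorted(cols)}")
    return problems

if __name__ == "__main__":
    for problem in check_realm(SERVER_XML, sample_db()):
        print("MISCONFIGURED:", problem)
```

An empty list means every configured table and column exists; with the configuration from the thread the only finding is the roleNameCol entry.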