Thanks to those who were kind enough to share their
suggestions/comments.

The problem was a subtle but important one: in
server.xml, roleNameCol="role_name",
but in the database there is no column called "role_name";
the column's name is, accidentally, "user_role"!

Baris...


--- Rick Fincher <[EMAIL PROTECTED]> wrote:
> Hi Baris,
> 
> I tried:
> java -classpath CATALINA_HOME/server/lib/catalina.jar org.apache.catalina.realm.RealmBase -a MD5 aksu
>
> And got:
> aksu:394e654ca65973f232653fb0008c603d
>
> So that seems to be working correctly.  You may want to try changing
> <auth-method>BASIC</auth-method> to <auth-method>DIGEST</auth-method>.
> Since the browser is getting the password, you want it to be digested
> before it goes out on the net, for security, unless you are using SSL.
> Then it gets encrypted anyway, and digesting just protects your
> passwords from observation on the server side.  This might require you
> to turn off digest in the realm.
>
> You can also increase the debug level in the realm and see what the
> log files say.
> 
> Hope this helps,
> 
> Rick
> 
> 
> 
> ----- Original Message -----
> From: "ahmet dalli" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Tuesday, August 27, 2002 3:14 AM
> Subject: Tomcat Realms with Digested Passwords -Urgent- ( A little longish...)
> 
> 
> > Hi all,
> >
> > I am trying to use JDBCRealm to store user login
> > information in an Oracle database. I am working on a
> > Windows2000 machine, using jdk1.4, and Tomcat4.0.4.
> >
> > In server.xml, I have this configuration:
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > <Realm className="org.apache.catalina.realm.JDBCRealm"
> >   debug="99"
> >   driverName="oracle.jdbc.driver.OracleDriver"
> >   connectionURL="jdbc:oracle:thin:usr/pass@host:1521:ORCL"
> >   userTable="users" userNameCol="user_name"
> >   userCredCol="user_pass" userRoleTable="user_roles"
> >   roleNameCol="role_name" digest="MD5" />
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >
> > In an Oracle8i database, I have a table called "users"
> > which has two columns named "user_name" and
> > "user_pass"; and yet another one called
> > "user_roles" with two columns named "user_name" and
> > "user_role".
> >
> > When I store user passwords in cleartext, everything
> > works fine.
> >
> > I want to store passwords in a digested form. So, I
> > have used the following code to store a user_name:
> > baris, user_pass: aksu and user_role: director.
> >
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > import org.apache.catalina.realm.RealmBase;
> > import java.io.*;
> > import java.sql.*;
> >
> > public class DigestDene {
> >   public static void main(String[] args) {
> >     try {
> >       String username = args[0];
> >       String password = args[1];
> >       String role = args[2];
> >       // Hex-encoded MD5 digest of the cleartext password
> >       String digested = RealmBase.Digest(password, "MD5");
> >       // Here, code that connects to the database
> >       // (the omitted code creates the Statement "stmt")
> >       /* ...... */
> >       stmt.executeUpdate("insert into users values('" +
> >           username + "', '" + digested + "')");
> >       stmt.executeUpdate("insert into user_roles values('" +
> >           username + "', '" + role + "')");
> >     }
> >     catch (Exception ex) {
> >       // Report the failure instead of silently swallowing it
> >       ex.printStackTrace();
> >     }
> >   }
> > }
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > Then, I have inserted my user's info from the
> > command-line with:
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^
> > java DigestDene baris aksu director
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > After this, I have these values in the database :
> > (in table users)
> >  USER_NAME                USER_PASS
> > --------------- ------------------------
> > baris            394e654ca65973f232653fb0008c603d
> >
> > (in table user_roles)
> > USER_NAME           USER_ROLE
> > ------------------- ---------
> > baris               director
> >
> > Lastly, in web.xml I have these lines:
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > <security-constraint>
> >     <web-resource-collection>
> >      <web-resource-name>Protected Basla Servlet</web-resource-name>
> >      <url-pattern>/servlet/IlkGirisServlet</url-pattern>
> >     </web-resource-collection>
> >     <auth-constraint>
> >      <role-name>director</role-name>
> >     </auth-constraint>
> >     <user-data-constraint>
> >      <transport-guarantee>NONE</transport-guarantee>
> >     </user-data-constraint>
> >  </security-constraint>
> >  <login-config>
> >   <auth-method>BASIC</auth-method>
> >  </login-config>
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > When I try to access my protected resource, I am
> > presented with the classic login screen for BASIC
> > authentication, and after I type "baris" for username
> > and "aksu" for password, Tomcat simply doesn't let me
> > in.
> >
> > Any suggestions or comments will be greatly
> > appreciated.
> >
> > Baris.....
> 
> 
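
The mismatch reported at the top of this thread (roleNameCol="role_name" against a table whose column is "user_role") can be caught before deployment. The following is an added example, not code from the thread or from Tomcat: it models the credential and role lookups that the Realm attributes describe and runs them against a schema. It assumes an in-memory SQLite database as a constructed stand-in for the Oracle tables, and the function names are hypothetical.

```python
import re
import sqlite3
import xml.etree.ElementTree as ET

# Realm element as posted in the thread (debug, driverName and connectionURL left out).
REALM_XML = """<Realm className="org.apache.catalina.realm.JDBCRealm"
  userTable="users" userNameCol="user_name"
  userCredCol="user_pass" userRoleTable="user_roles"
  roleNameCol="role_name" digest="MD5" />"""

# Constructed stand-in (SQLite) for the Oracle tables described in the thread.
SCHEMA = """
CREATE TABLE users (user_name TEXT, user_pass TEXT);
CREATE TABLE user_roles (user_name TEXT, user_role TEXT);
"""

IDENT = re.compile(r"[A-Za-z_][A-Za-z0-9_]*\Z")

def realm_queries(realm_xml):
    """Model the two lookups the realm attributes describe (credentials, roles)."""
    attrs = ET.fromstring(realm_xml).attrib
    names = {k: attrs[k] for k in ("userTable", "userNameCol", "userCredCol",
                                   "userRoleTable", "roleNameCol")}
    for key, value in names.items():
        if not IDENT.match(value):  # refuse anything that is not a plain identifier
            raise ValueError(f"{key}={value!r} is not a plain SQL identifier")
    return {
        "credentials": "SELECT {userCredCol} FROM {userTable} "
                       "WHERE {userNameCol} = ?".format(**names),
        "roles": "SELECT {roleNameCol} FROM {userRoleTable} "
                 "WHERE {userNameCol} = ?".format(**names),
    }

def check_realm(realm_xml, conn):
    """Run each lookup for a dummy user; return {lookup: database error}."""
    problems = {}
    for lookup, sql in realm_queries(realm_xml).items():
        try:
            conn.execute(sql, ("no-such-user",)).fetchall()
        except sqlite3.Error as exc:
            problems[lookup] = str(exc)
    return problems

def demo():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    fixed_xml = REALM_XML.replace('roleNameCol="role_name"', 'roleNameCol="user_role"')
    return check_realm(REALM_XML, conn), check_realm(fixed_xml, conn)

if __name__ == "__main__":
    print(demo())
```

With the posted configuration only the role lookup fails, which matches the symptom in the thread: the digested password compares correctly, but the user cannot be given the "director" role.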

