Thanks to those who were kind to share their
suggestions/comments.
The problem was a subtle, but an important one : in
server.xml ==> roleNameCol="role_name"
but in database there is no column called "role_name",
accidentally column's name is "user_role"!
Baris...
--- Rick Fincher <[EMAIL PROTECTED]> wrote:
> Hi Baris,
>
> I tried:
> java -classpath
> CATALINA_HOME/server/lib/catalina.jar
> org.apache.catalina.realm.RealmBase -a MD5 aksu
>
> And got:
> aksu:394e654ca65973f232653fb0008c603d
>
> So that seems to be working correctly. You may want
> to try changing
> <auth-method>BASIC</auth-method>, to
> <auth-method>DIGEST</auth-method>. Since the
> browser is getting the
> password you want it to be digested before it goes
> out on the net for
> security unless you are using SSL. Then it gets
> encrypted anyway and
> digesting just protects your passwords from
> observation on the server side.
> This might require you to turn off digest in the
> realm.
>
> You can also increase the debug level in the realm
> and see what the log
> files say.
>
> Hope this helps,
>
> Rick
>
>
>
> ----- Original Message -----
> From: "ahmet dalli" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Tuesday, August 27, 2002 3:14 AM
> Subject: Tomcat Realms with Digested Passwords
> -Urgent- ( A little
> longish...)
>
>
> > Hi all,
> >
> > I am trying to use JDBCRealm to store user login
> > information in an oracle database. I am working on
> a
> > Windows2000 machine, using jdk1.4, and
> Tomcat4.0.4.
> >
> > In server.xml, i have this configuration:
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > <Realm
> > className="org.apache.catalina.realm.JDBCRealm"
> > debug="99"
> > driverName="oracle.jdbc.driver.OracleDriver"
> >
>
connectionURL="jdbc:oracle:thin:usr/pass@host:1521:ORCL"
> > userTable="users" userNameCol="user_name"
> > userCredCol="user_pass"
> userRoleTable="user_roles"
> > roleNameCol="role_name" digest="MD5" />
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >
> > In an Oracle8i database, i have a table called
> "users"
> > which has two columns named "user_name" and
> > "user_pass" ; and yet another one called
> > "user_roles" with to columns named "user_name" and
> > "user_role".
> >
> > When i store user passwords in cleartext,
> everything
> > works fine.
> >
> > I want to store passwords in a digested form. So,
> i
> > have used the following code to store a user_name
> :
> > baris, user_pass : aksu and user_role : director.
> >
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > import org.apache.catalina.realm.RealmBase;
> > import java.io.*;
> > import java.sql.*;
> >
> > public class DigestDene {
> > public static void main(String[] args) {
> > try {
> > String username = args[0];
> > String password = args[1];
> > String role = args[2];
> > String digested =
> > RealmBase.Digest(password, "MD5");
> > //Here, code that connects to the database
> > /* ...... */
> > stmt.executeUpdate("insert into users
> values('" +
> > username + "', '" + digested + "')");
> > stmt.executeUpdate("insert into user_roles
> values
> > ('" + username + "', '" + role + "')");
> > }
> > catch(Exception ex) {}
> > }
> > }
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > Then, i have inserted my user's info from the
> > command-line with :
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^
> > java DigestDene baris aksu director
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > After this, I have these values in the database :
> > (in table users)
> > USER_NAME USER_PASS
> > --------------- ------------------------
> > baris 394e654ca65973f232653fb0008c603d
> >
> > (in table user_roles)
> > USER_NAME USER_ROLE
> > ------------------- ---------
> > baris director
> >
> > Lastly, in web.xml i have these lines :
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > <security-constraint>
> > <web-resource-collection>
> > <web-resource-name>Protected Basla Servlet
> > </web-resource-name>
> > <url-pattern>/servlet/IlkGirisServlet
> > </url-pattern>
> > </web-resource-collection>
> > <auth-constraint>
> > <role-name>director</role-name>
> > </auth-constraint>
> > <user-data-constraint>
> >
> <transport-guarantee>NONE</transport-guarantee>
> > </user-data-constraint>
> > </security-constraint>
> > <login-config>
> > <auth-method>BASIC</auth-method>
> > </login-config>
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > When i try to acces my protected resource, i am
> > presented with the classic login screen for BASIC
> > authentication, and after i type "baris" for
> username
> > and "aksu" for password, Tomcat doesn't simply let
> me
> > in.
> >
> > Any suggestions or comments will be greatly
> > appreciated.
> >
> > Baris.....
>
>
>
> --
> To unsubscribe, e-mail:
> <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail:
> <mailto:[EMAIL PROTECTED]>
>
__________________________________________________
Do You Yahoo!?
Yahoo! Finance - Get real-time stock quotes
http://finance.yahoo.com
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
