I am still struggling to get tomcat to authenticate access to my application.
As a starting point I am trying to use BASIC authentication with the DataSource Realm (basically because I can check the query SQL) Whatever I do the user is presented with the authentication dialog box, but this authentication ALWAYS fails. Any way, as can be seen from the logs I am doing an authenticate test and failing. But thats not suprising when you look at the SQL that is being requested. The username is null Why? I can't see how I have anything wrong in server.xml - otherwise the postgres query would not have happened. I can't see what I could possibly have wrong in my web.xml as this does not even mention username!. Nevertheless - here is my web.xml is below How can I get further info that would be helpful in debugging this? ===============================famtree log (from tomcat4) 2005-11-01 19:53:00 famtree: init 2005-11-01 19:54:29 Authenticator[/famtree]: Security checking request GET /famtree/app 2005-11-01 19:54:29 Authenticator[/famtree]: Checking constraint 'SecurityConstraint[Famtree Application]' against GET /app --> true 2005-11-01 19:54:29 Authenticator[/famtree]: Subject to constraint SecurityConstraint[Famtree Application] 2005-11-01 19:54:29 Authenticator[/famtree]: Calling checkUserData() 2005-11-01 19:54:29 Authenticator[/famtree]: User data constraint has no restrictions 2005-11-01 19:54:29 Authenticator[/famtree]: Calling authenticate() 2005-11-01 19:54:30 Authenticator[/famtree]: Failed authenticate() test roo:/var/log/tomcat4# =========================postgres.log 2005-11-01 19:54:30 [3756] LOG: duration: 0.283 ms statement: set client_encoding = 'UNICODE' 2005-11-01 19:54:30 [3756] LOG: duration: 5.291 ms statement: SELECT password FROM users WHERE name = null ===========================web.xml <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd"> <web-app id="WebApp_ID"> <display-name>Family Tree Manager</display-name> <filter> <filter-name>redirect</filter-name> <filter-class>org.apache.tapestry.RedirectFilter</filter-class> </filter> <filter-mapping> <filter-name>redirect</filter-name> <url-pattern>/</url-pattern> </filter-mapping> <servlet> <servlet-name>famtree</servlet-name> <servlet-class>org.apache.tapestry.ApplicationServlet</servlet-class> <load-on-startup>0</load-on-startup> </servlet> <servlet-mapping> <servlet-name>famtree</servlet-name> <url-pattern>/app</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>famtree</servlet-name> <url-pattern>*.page</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>famtree</servlet-name> <url-pattern>*.do</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>famtree</servlet-name> <url-pattern>*.sdo</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>famtree</servlet-name> <url-pattern>*.svc</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>famtree</servlet-name> <url-pattern>/assets/*</url-pattern> </servlet-mapping> <session-config> <session-timeout>15</session-timeout> </session-config> <welcome-file-list> <welcome-file>index.html</welcome-file> <welcome-file>index.htm</welcome-file> <welcome-file>index.jsp</welcome-file> <welcome-file>default.html</welcome-file> <welcome-file>default.htm</welcome-file> <welcome-file>default.jsp</welcome-file> </welcome-file-list> <resource-ref> <description>Family Tree Database</description> <res-ref-name>jdbc/family_tree</res-ref-name> <res-type>javax.sql.DataSource</res-type> <res-auth>Container</res-auth> <res-sharing-scope>Shareable</res-sharing-scope> </resource-ref> <security-constraint> <web-resource-collection> <web-resource-name>Famtree Application</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>family</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>Family Member</realm-name> </login-config> <security-role> <role-name>family</role-name> </security-role> </web-app> -- Alan Chandler http://www.chandlerfamily.org.uk Open Source. It's the difference between trust and antitrust. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]