I have observed using tomcat 7.027 and 6.026 an issue with BASIC
authentication.
My intent was to have both user names and passwords be case sensitive.
I know of nothing
I did that would change that. The database table is plain vanilla.
Passwords are case sensitive,
but upper or lower case usernames work. Is there any way to prevent this?
Operating systems are windows 7 and windows Server 2008R2 both 64 bit.
web.xml includes
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>XXXX</realm-name>
</login-config>
context.xml includes
<Realm className="org.apache.catalina.realm.JDBCRealm"
connectionURL="jdbc:mysql://localhost/XXX?user=XXX&password=a4HLw3Jx"
digest="MD5" driverName="com.mysql.jdbc.Driver"
roleNameCol="role" userCredCol="password" userNameCol="username"
userRoleTable="USER_ROLES" userTable="USERS"/>
<Resource auth="Container"
driverClassName="com.mysql.jdbc.Driver"
maxActive="30" maxIdle="30"
maxWait="1200" name="jdbc/wmmd_db"
password="test"
type="javax.sql.DataSource"
url="jdbc:mysql://localhost/WMMD_WMMD?user=test&password=test"
username="test"/>
Thanks in advance for any help or guidance, I've spent a half day
scouring documentation and can't find a lead.
--
With best wishes,
Michael
------------------------------------------------------------------------
Michael B. Spring
Associate Professor
Information Science and Telecommunications
Voice: (412)-624-9429 Fax: (412)-624-2788
WWW: http://www.sis.pitt.edu/~spring <http://www.sis.pitt.edu/%7Espring>
Pmail: 701B SIS Building, 135 North Bellefield
University of Pittsburgh, PA 15260
