Tomcat 5.5: j_security_check doesn't read the form-passwords, log4j

Tue, 19 Dec 2006 09:03:22 -0800 

Hi list,

problem-description is above.

I've defined a jdbc-realm in conf/server.xml, that is:

       <Realm className="org.apache.catalina.realm.JDBCRealm"
           connectionPassword="xxx"
           debug="99"
           userCredCol="user_pass"
               userTable="users"
               driverName="org.gjt.mm.mysql.Driver"
               connectionURL="jdbc:mysql://db/authyela"
               connectionName="xxx"
           digest="MD5"
           userNameCol="user_name"
           userRoleTable="user_roles"
           roleNameCol="role_name" />

My form-login-page is (snippet):

     <form method="post" action="j_security_check">
     <table style="width: 342px; height: 114px;">
       <tbody>
           <tr>
           <td>User ID</td>
           <td><input name="j_username" size="20" maxlength="30"
type="text"/></td>
           <td>Password</td>
           <td style="text-align: left; vertical-align: middle; width: 80px;">
           <td><input name="j_password" size="20" maxlength="30"
type="password"/></td>
         </tr>
       </tbody>
     </table>
</form>

I do not think that my problem relates the the html since exactly the
same html-code is running on another machine with Tomcat 5.5

However, when I check my MySQL-Logs, I see the following:

061219 17:05:49       8 Prepare     [1] SELECT user_pass FROM users
WHERE user_name = ?
                     8 Execute     [1] SELECT user_pass FROM users
WHERE user_name = ''
                     8 Query       commit

That means that the user-credential somehow gets not passed from the
form to j_security_check

I'm kinda clueless, is there anybody out there having an idea?

I'd also like to know how to turn on logging (if possible) for j_security_check.

I've installed log4j, configured it and am getting a bunch of data,
however, nothing regarding j_security_check. Are there any parameters
that I can set to turn on logging for j_security_check?

Actually, I'd just like to see the post-data transferred from my
login-form to j_security_check.

TIA

Any hints appreciated

Greg






--
what's puzzlin' you, is the nature of my game
gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2
gpgp-key available @ http://pgpkeys.pca.dfn.de:11371

---------------------------------------------------------------------
To start a new topic, e-mail: [email protected]
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to