Hi list,
we're really, really deperate here.
We have developed a web-app on Debian Edge with Tomcat 5.5.17 using
Form-based Authentication with a JDBC-realm. Database is a MySQL
4.1.11
However, when we try to authenticate, the content passed from
j_security_check -> mysql-driver -> MySQL always contains an empty
string for the username, although the user has been read from the FORM
and j_security_check even writes the j_user_name to the log.
The logs show the following (log4j enabled in Tomcat):
DEBUG http-8080-Processor2 org.apache.catalina.authenticator.AuthenticatorBase -
Security checking request GET /RRWizardCLUE/RRWizardCLUE
DEBUG http-8080-Processor2 org.apache.catalina.authenticator.AuthenticatorBase
- Security checking request GET /RRWizardCLUE/RRWizardCLUE
DEBUG http-8080-Processor2 org.apache.catalina.authenticator.AuthenticatorBase
- Calling hasUserDataPermission()
DEBUG http-8080-Processor2 org.apache.catalina.authenticator.AuthenticatorBase
- Calling hasUserDataPermission()
DEBUG http-8080-Processor2 org.apache.catalina.authenticator.AuthenticatorBase
- Calling authenticate()
DEBUG http-8080-Processor2 org.apache.catalina.authenticator.AuthenticatorBase
- Calling authenticate()
DEBUG http-8080-Processor2 org.apache.catalina.authenticator.FormAuthenticator
- Save request in session '2872D911DD1F4534F9875C5C8994EA8B'
DEBUG http-8080-Processor2 org.apache.catalina.authenticator.FormAuthenticator
- Save request in session '2872D911DD1F4534F9875C5C8994EA8B'
DEBUG http-8080-Processor2 org.apache.catalina.authenticator.AuthenticatorBase
- Failed authenticate() test
DEBUG http-8080-Processor2 org.apache.catalina.authenticator.AuthenticatorBase
- Failed authenticate() test
DEBUG http-8080-Processor2 org.apache.catalina.authenticator.AuthenticatorBase
- Security checking request POST /RRWizardCLUE/j_security_check
DEBUG http-8080-Processor2 org.apache.catalina.authenticator.AuthenticatorBase
- Security checking request POST /RRWizardCLUE/j_security_check
DEBUG http-8080-Processor2 org.apache.catalina.authenticator.FormAuthenticator
- Authenticating username 'genre'
DEBUG http-8080-Processor2 org.apache.catalina.authenticator.FormAuthenticator
- Authenticating username 'genre'
DEBUG http-8080-Processor2 org.apache.catalina.authenticator.AuthenticatorBase
- Failed authenticate() test ??/RRWizardCLUE/j_security_check
DEBUG http-8080-Processor2 org.apache.catalina.authenticator.AuthenticatorBase
- Failed authenticate() test ??/RRWizardCLUE/j_security_check
Now when I look at the MySQL-logs, I can see that an empty string has
been passed:
061221 21:14:32 100 Execute [1] SELECT user_pass FROM users
WHERE user_name = ''
100 Query commit
As you can see, the user "genre" has been found by j_security_check
(which is demonstrated by the log), however, j_security_check (or the
MySQL-JDBC-driver) somehow "swallows" the user and delivers an empty
string to the MySQL-query.
The definition of our JDBC-REALM is fine, and we've triple- and
quadruple-checked that the tables are there, rights are set, however,
for your information I'll post it here anyways:
<Realm className="org.apache.catalina.realm.JDBCRealm"
connectionPassword="xxxx"
userCredCol="user_pass"
userTable="users"
driverName="org.gjt.mm.mysql.Driver"
connectionURL="jdbc:mysql://localhost/authyela"
connectionName="someuser"
digest="MD5"
userNameCol="user_name"
userRoleTable="user_roles"
roleNameCol="role_name" />
This whole setup worked on Debian Sarge with a single processor on a
32bit-machine, but it does not work on Debian Edge Dual CPU Dual Core
Opteron 64bit.
The JDK installed is 1.5.0-09-b01 (64bit JDK).
As far as I know, it doesn't matter wether a Java-program (i.e. the
MySQL-Connector or Tomcat) is running on 32bit-JDK or on 64bit-JDK
since the bytecode of the classes remains the same, right? Or do we
have to recompile the whole bunch on 64bit???
Please, please, please, throw all your suggestions, assumptions at me,
we're absolutely out of any ideas.
Thanks
Greg
--
what's puzzlin' you, is the nature of my game
gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2
gpgp-key available @ http://pgpkeys.pca.dfn.de:11371
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
