Hi guys,
I'm just a bit puzzled, maybe one of you can shed some light:
We're running Tomcat 5.5 here having created a JDBC-realm holding our
users & their credentials:
<Realm className="org.apache.catalina.realm.JDBCRealm"
connectionPassword=somePassword"
userCredCol="user_pass"
userTable="users"
driverName="com.mysql.jdbc.Driver"
connectionURL="jdbc:mysql://someDatabase"
connectionName="sameName"
digest="MD5"
userNameCol="user_name"
userRoleTable="user_roles"
roleNameCol="role_name" />
The DDL of the MySQL-Tables shows like
users:
user_name varchar(40) PRI
user_pass varchar(50)
user_group int(11)
user_ID int(11)
user_roles:
user_name varchar(40)
role_name varchar(15)
sso_table varchar(40)
However, we've just discovered that Tomcat doesn't care at all abot
case-sensivity of the user-names being entered.
Example:
User-Name: Scrooge
Password: McDuck
I can enter Scrooge, scrooge, SCROOGE, sCrOoGe - any combination is accepted.
Did I miss something here that this is a Tomcat-"feature"....?
I ran through the Tomcat-docs but couldn't find any hint on that issue.
Needless to say that personally I find this behaviour quite annoying
and would die for a hint how to get rid of that behaviour.
TIA
gregor
--
what's puzzlin' you, is the nature of my game
gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2
gpgp-key available @ http://pgpkeys.pca.dfn.de:11371
---------------------------------------------------------------------
To start a new topic, e-mail: [email protected]
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
