Graham Leggett
2003-11-14 22:29:01 UTC
Hi all,
I have been trying to follow the bits and pieces of docs that describe
how to configure a DataSource, and then configure a Basic Authentication
security constraint, against that DataSource.
When I access the protected URL, instead of getting "401 Auth Required",
I get "400 The request sent by the client was syntactically incorrect"
instead.
No error messages are logged anywhere.
Anyone know what I am doing wrong?
My web.xml includes this:
<resource-ref>
<description>Patricia Datasource</description>
<res-ref-name>jdbc/patricia</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
</resource-ref>
<security-constraint>
<display-name>Patricia Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<!-- Define the context-relative URL(s) to be protected -->
<url-pattern>/*.do</url-pattern>
<!-- If you list http methods, only those methods are protected -->
<http-method>DELETE</http-method>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<!-- Anyone with one of the listed roles may access this area -->
<role-name>administrator</role-name>
<role-name>underwriter</role-name>
<role-name>accountant</role-name>
<role-name>broker</role-name>
</auth-constraint>
</security-constraint>
<!-- Default login configuration uses form-based authentication -->
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Patricia</realm-name>
</login-config>
<!-- Security roles referenced by this web application -->
<security-role>
<role-name>administrator</role-name>
</security-role>
<security-role>
<role-name>underwriter</role-name>
</security-role>
<security-role>
<role-name>accountant</role-name>
</security-role>
<security-role>
<role-name>broker</role-name>
</security-role>
My context definition in tomcat is this:
<Context path="/patricia" reloadable="true"
docBase="/home/gatekeeper/minfrin/src/fma/patricia/target/patricia"
workDir="/home/gatekeeper/minfrin/src/fma/patricia/work/org/apache/jsp" >
<Logger className="org.apache.catalina.logger.SystemOutLogger"
verbosity="4" timestamp="true"/>
<Resource name="jdbc/patricia" auth="Container"
type="javax.sql.DataSource"/>
<ResourceParams name="jdbc/patricia">
<parameter>
<name>factory</name>
<value>org.apache.commons.dbcp.BasicDataSourceFactory</value>
</parameter>
<parameter>
<name>driverClassName</name>
<value>org.postgresql.Driver</value>
</parameter>
<parameter>
<name>url</name>
<value>jdbc:postgresql://127.0.0.1:5432/patricia</value>
</parameter>
<parameter>
<name>username</name>
<value>user_name</value>
</parameter>
<parameter>
<name>password</name>
<value>password</value>
</parameter>
<parameter>
<name>maxActive</name>
<value>20</value>
</parameter>
<parameter>
<name>maxIdle</name>
<value>10</value>
</parameter>
<parameter>
<name>maxWait</name>
<value>-1</value>
</parameter>
</ResourceParams>
<Realm className="org.apache.catalina.realm.DataSourceRealm" debug="99"
dataSourceName="jdbc/patricia"
userTable="person" userNameCol="uid" userCredCol="user_password"
userRoleTable="company_person" roleNameCol="role_name"/>
</Context>
Regards,
Graham
--
I have been trying to follow the bits and pieces of docs that describe
how to configure a DataSource, and then configure a Basic Authentication
security constraint, against that DataSource.
When I access the protected URL, instead of getting "401 Auth Required",
I get "400 The request sent by the client was syntactically incorrect"
instead.
No error messages are logged anywhere.
Anyone know what I am doing wrong?
My web.xml includes this:
<resource-ref>
<description>Patricia Datasource</description>
<res-ref-name>jdbc/patricia</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
</resource-ref>
<security-constraint>
<display-name>Patricia Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<!-- Define the context-relative URL(s) to be protected -->
<url-pattern>/*.do</url-pattern>
<!-- If you list http methods, only those methods are protected -->
<http-method>DELETE</http-method>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<!-- Anyone with one of the listed roles may access this area -->
<role-name>administrator</role-name>
<role-name>underwriter</role-name>
<role-name>accountant</role-name>
<role-name>broker</role-name>
</auth-constraint>
</security-constraint>
<!-- Default login configuration uses form-based authentication -->
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Patricia</realm-name>
</login-config>
<!-- Security roles referenced by this web application -->
<security-role>
<role-name>administrator</role-name>
</security-role>
<security-role>
<role-name>underwriter</role-name>
</security-role>
<security-role>
<role-name>accountant</role-name>
</security-role>
<security-role>
<role-name>broker</role-name>
</security-role>
My context definition in tomcat is this:
<Context path="/patricia" reloadable="true"
docBase="/home/gatekeeper/minfrin/src/fma/patricia/target/patricia"
workDir="/home/gatekeeper/minfrin/src/fma/patricia/work/org/apache/jsp" >
<Logger className="org.apache.catalina.logger.SystemOutLogger"
verbosity="4" timestamp="true"/>
<Resource name="jdbc/patricia" auth="Container"
type="javax.sql.DataSource"/>
<ResourceParams name="jdbc/patricia">
<parameter>
<name>factory</name>
<value>org.apache.commons.dbcp.BasicDataSourceFactory</value>
</parameter>
<parameter>
<name>driverClassName</name>
<value>org.postgresql.Driver</value>
</parameter>
<parameter>
<name>url</name>
<value>jdbc:postgresql://127.0.0.1:5432/patricia</value>
</parameter>
<parameter>
<name>username</name>
<value>user_name</value>
</parameter>
<parameter>
<name>password</name>
<value>password</value>
</parameter>
<parameter>
<name>maxActive</name>
<value>20</value>
</parameter>
<parameter>
<name>maxIdle</name>
<value>10</value>
</parameter>
<parameter>
<name>maxWait</name>
<value>-1</value>
</parameter>
</ResourceParams>
<Realm className="org.apache.catalina.realm.DataSourceRealm" debug="99"
dataSourceName="jdbc/patricia"
userTable="person" userNameCol="uid" userCredCol="user_password"
userRoleTable="company_person" roleNameCol="role_name"/>
</Context>
Regards,
Graham
--