0000257: JdbcAuthenticator Problem

Viewing Issue Advanced Details [ Jump to Notes ]

[ View Simple ] [ Issue History ] [ Print ]

Category

Severity

Reproducibility

Date Submitted

Last Update

0000257

[Resin]

minor

always

06-12-05 00:00

01-27-06 14:39

Reporter

user243

View Status

public

Assigned To

ferg

Priority

low

Resolution

unable to reproduce

Platform

Status

closed

Projection

none

OS Version

ETA

none

Fixed in Version

Product Version

Product Build

3.0.13

Summary

0000257: JdbcAuthenticator Problem

Description

RSN-280
I can seem to get the JdbcAuthenticator to work. XmlAuthenticator works fine but JDBC does not. The <host> fragment from my resin.conf and the login page are listed below. I have confirmed that the <password-query> is being executed because I see it showing up in the MySQL logs, I have executed the query by hand substituting the '?' for a value signon. After submitting the login, I get the login page redisplaced and the URL is listed as:
http://localhost:8080/j_security_check [^]

Thanks for the help.

From resin.conf:
----------------
    <host id="" root-directory=".">
      
      <web-app id="/" document-directory="webapps/ROOT">
        <authenticator type='com.caucho.server.security.JdbcAuthenticator'>
        
           <init>
           
                   <data-source>jdbc/mysql/pm</data-source>
                   <password-query>SELECT ifnull(password,'hollow') as Password FROM pm.Person WHERE LastName = ?</password-query>
                   <cookie-auth-query>SELECT LastName FROM pm.Person WHERE cookie=?</cookie-auth-query>
                   <cookie-auth-update>UPDATE pm.Person SET cookie=? WHERE LastName=?</cookie-auth-update>
                   <role-query>SELECT role FROM pm.Person WHERE LastName=?</role-query>
               </init>
            </authenticator>
           <login-config auth-method='form'>
               <form-login-config form-login-page='/pm/login.jsp' form-error-page='/pm/Login.jsp?login=failed' internal-forward='true' form-uri-priority='true'/>
           </login-config>
           <security-constraint url-pattern='/pm/*' role-name='admin'/>
       </web-app>

    </host>
---------------------------------
login.jsp
----------------------------------
<html>
<head><title>Login</title></head>
<script type="text/javascript">
function resize()
{
    window.moveTo(100,150);
    window.resizeTo(500,300);
}
</script>
<body onload='resize()'>
<center>
<form action='j_security_check' method='POST'>
<table>
<tr><td>User:<td><input name='j_username' value='admin'/>
<tr><td>Password:<td><input type=password name='j_password'/>
<tr><td><input type=submit value='login'/>
<td>hint: the password is 6 letters and completes the phase "fox _ _ _ _ _ _"
<td><input type=hidden name='j_uri' value='/pm/login2.jsp'/>
</table>
</form>
</center>
</body>
</html>

Steps To Reproduce

Additional Information

Windows XP, MySQL

Attached Files

Relationships

Notes
(0000805) ferg 01-27-06 14:39	The jdbc authenticator tests are passing correctly. Based on the configuration, it looks like there might be a missing <password-digest>none</password-digest>. (Which wouldn't be a recommended configuration, since it is a very good idea to only store password digests.)

Issue History
Date Modified	Username	Field	Change
06-12-05 00:00	user243	New Issue
01-27-06 14:39	ferg	Note Added: 0000805
01-27-06 14:39	ferg	Assigned To	=> ferg
01-27-06 14:39	ferg	Status	acknowledged => closed
01-27-06 14:39	ferg	Resolution	open => unable to reproduce
01-27-06 14:39	ferg	version	3.0.13 =>

Mantis 1.0.0rc3[^]

34 total queries executed.
27 unique queries executed.