| Anonymous | Login | Signup for a new account | 11-22-2024 10:06 PST |
| Main | My View | View Issues | Change Log | Docs |
| Viewing Issue Simple Details [ Jump to Notes ] | [ View Advanced ] [ Issue History ] [ Print ] | ||||||||
| ID | Category | Severity | Reproducibility | Date Submitted | Last Update | ||||
| 0000257 | [Resin] | minor | always | 06-12-05 00:00 | 01-27-06 14:39 | ||||
| Reporter | user243 | View Status | public | ||||||
| Assigned To | ferg | ||||||||
| Priority | low | Resolution | unable to reproduce | ||||||
| Status | closed | Product Version | |||||||
| Summary | 0000257: JdbcAuthenticator Problem | ||||||||
| Description |
RSN-280 I can seem to get the JdbcAuthenticator to work. XmlAuthenticator works fine but JDBC does not. The <host> fragment from my resin.conf and the login page are listed below. I have confirmed that the <password-query> is being executed because I see it showing up in the MySQL logs, I have executed the query by hand substituting the '?' for a value signon. After submitting the login, I get the login page redisplaced and the URL is listed as: http://localhost:8080/j_security_check [^] Thanks for the help. From resin.conf: ---------------- <host id="" root-directory="."> <!-- - configures an explicit root web-app matching the - webapp's ROOT --> <web-app id="/" document-directory="webapps/ROOT"> <authenticator type='com.caucho.server.security.JdbcAuthenticator'> <!-- authenticator type="com.caucho.server.security.XmlAuthenticator"--> <init> <!-- <user>admin:iiiii0:admin,user</user> <user>guest:hollow:user</user> <password-digest>none</password-digest> --> <data-source>jdbc/mysql/pm</data-source> <password-query>SELECT ifnull(password,'hollow') as Password FROM pm.Person WHERE LastName = ?</password-query> <cookie-auth-query>SELECT LastName FROM pm.Person WHERE cookie=?</cookie-auth-query> <cookie-auth-update>UPDATE pm.Person SET cookie=? WHERE LastName=?</cookie-auth-update> <role-query>SELECT role FROM pm.Person WHERE LastName=?</role-query> </init> </authenticator> <login-config auth-method='form'> <form-login-config form-login-page='/pm/login.jsp' form-error-page='/pm/Login.jsp?login=failed' internal-forward='true' form-uri-priority='true'/> </login-config> <security-constraint url-pattern='/pm/*' role-name='admin'/> </web-app> </host> --------------------------------- login.jsp ---------------------------------- <html> <head><title>Login</title></head> <script type="text/javascript"> function resize() { window.moveTo(100,150); window.resizeTo(500,300); } </script> <body onload='resize()'> <center> <form action='j_security_check' method='POST'> <table> <tr><td>User:<td><input name='j_username' value='admin'/> <tr><td>Password:<td><input type=password name='j_password'/> <tr><td><input type=submit value='login'/> <td>hint: the password is 6 letters and completes the phase "fox _ _ _ _ _ _" <td><input type=hidden name='j_uri' value='/pm/login2.jsp'/> </table> </form> </center> </body> </html> |
||||||||
| Additional Information | Windows XP, MySQL | ||||||||
| Attached Files | |||||||||
|
|
|||||||||
 Relationships |
|
|
Notes |
|
|
(0000805) ferg 01-27-06 14:39 |
The jdbc authenticator tests are passing correctly. Based on the configuration, it looks like there might be a missing <password-digest>none</password-digest>. (Which wouldn't be a recommended configuration, since it is a very good idea to only store password digests.) |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 06-12-05 00:00 | user243 | New Issue | |
| 01-27-06 14:39 | ferg | Note Added: 0000805 | |
| 01-27-06 14:39 | ferg | Assigned To | => ferg |
| 01-27-06 14:39 | ferg | Status | acknowledged => closed |
| 01-27-06 14:39 | ferg | Resolution | open => unable to reproduce |
| 01-27-06 14:39 | ferg | version | 3.0.13 => |
| Mantis 1.0.0rc3[^]
Copyright © 2000 - 2005 Mantis Group
34 total queries executed. 27 unique queries executed. |  |
