All geek questions in one place

JSP web application authentication in tomcat

I configured the application to use forms-based authentication and configure the necessary parameters in server.xml.

When I try to access a secure page, I am correctly redirected to the login page. On the login page, I provide the correct user ID and password, but it does not register me, instead, the page with the login error is displayed.

I use Eclipse to run a project in Tomcat along with a MySQL database on Mac OS X.

Thanks in advance.

+3
source share
3 answers

Finally it worked out!

eclipse , eclipse Servers, server.xml, tomcat, tomcat eclipse.

, , realm server.xml Servers eclipse.

, , .

,

+4

, web.xml .

<security-constraint>
        <web-resource-collection>       
            <web-resource-name>profile</web-resource-name>  

            <url-pattern>/myProfile</url-pattern>

        </web-resource-collection>          
        <auth-constraint>
            <role-name>member</role-name>           
        </auth-constraint>
    </security-constraint>

    <login-config>
        <auth-method>FORM</auth-method>
        <form-login-config>
        <form-login-page>/signin.jsp</form-login-page>
        <form-error-page>/signin_error.jsp</form-error-page>
        </form-login-config>
    </login-config>

    <security-role><role-name>member</role-name></security-role>

server.xml.

<Realm className="org.apache.catalina.realm.JDBCRealm" debug="99"
      driverName="com.mysql.jdbc.Driver"
   connectionURL="jdbc:mysql://localhost/dbname?user=root&amp;password=root"
       userTable="users" userNameCol="email" userCredCol="password"
   userRoleTable="user_roles" roleNameCol="role_name"/>

, , mysql jar tomcat lib.

.

<form class="form" id="login_form" action="j_security_check" method="post">
<input class="element" id="element_1" style="WIDTH: 255px" maxlength="200" name="j_username"/> 
<input class="element" id="element_2" style="WIDTH: 255px" type="password" maxlength="200" name="j_password"/> 
</form>

, , , !

+2

. :

  • root? , /j_security_check. , - , Tomcat .

  • users(email, password) user_roles(email, role_name) , , Realm? , , , , , .

If none of the above helps, the only thing I can offer is to download the Tomcat source and execute it while working under Eclipse. For Tomcat 6, you want to set a breakpoint at org.apache.catalina.realm.JDBCRealm.authenticate(String username, String credentials)(line 341, although I may not have the most recent source) and execute method open()and 2 authenticate().

0
source

Source: https://habr.com/ru/post/1716057/

More articles:


All Articles