jdbcrealm

问题 I'm trying to get my login form to with a MySQL Database and keep on getting the following error: [update] --> I made some modification today this is what I'm getting right now: SEVERE: jdbcrealm.invaliduserreason WARNING: WEB9102: Web Login Failed: com.sun.enterprise.security.auth.login.common.LoginException: Login failed: Security Exception WARNING: WEB9102: Web Login Failed: com.sun.enterprise.security.auth.login.common.LoginException: Login failed: Security Exception WARNING: WEB9102: Web

问题 I've recently updated Glassfish from 3.1.2 to 4.0 and wanted to set up a JDBCRealm that I used before on my app which uses FORM based authentication. The passwords are hashed with SHA-256 in the database (that is the default Digest Algorithm option). The realm has a property that became mandatory in this Glassfish version: Password Encryption Algorithm. Quite incredibly, the official Glassfish documentation says it's optional, and the note under the input field says it is a risk to leave it

问题 I've recently updated Glassfish from 3.1.2 to 4.0 and wanted to set up a JDBCRealm that I used before on my app which uses FORM based authentication. The passwords are hashed with SHA-256 in the database (that is the default Digest Algorithm option). The realm has a property that became mandatory in this Glassfish version: Password Encryption Algorithm. Quite incredibly, the official Glassfish documentation says it's optional, and the note under the input field says it is a risk to leave it

问题 How do you use a JDBCRealm to handle authenticating and authorizing users in servlets? The only example I can find is to create the DataSource in web.xml (such as Authentication against database using shiro 1.2.1). I do not want to include database credentials in my source tree (for obvious reasons) and would prefer to use a Context defined DataSource via JNDI as I have for every other RDBMS I have used for any other purpose in every other servlet project I have developed. How do you

问题 How do you use a JDBCRealm to handle authenticating and authorizing users in servlets? The only example I can find is to create the DataSource in web.xml (such as Authentication against database using shiro 1.2.1). I do not want to include database credentials in my source tree (for obvious reasons) and would prefer to use a Context defined DataSource via JNDI as I have for every other RDBMS I have used for any other purpose in every other servlet project I have developed. How do you

问题 I am trying to set Tomcat JDBC Realm for my Testing web application. I am following the standard documentation, https://tomcat.apache.org/tomcat-8.0-doc/realm-howto.html#JDBCRealm. My server.xml is as following: <Server port="8005" shutdown="SHUTDOWN"> <Listener className="org.apache.catalina.startup.VersionLoggerListener" /> <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" /> <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />

问题 I am trying to set Tomcat JDBC Realm for my Testing web application. I am following the standard documentation, https://tomcat.apache.org/tomcat-8.0-doc/realm-howto.html#JDBCRealm. My server.xml is as following: <Server port="8005" shutdown="SHUTDOWN"> <Listener className="org.apache.catalina.startup.VersionLoggerListener" /> <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" /> <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />

问题 I have a Glassfish server in production which uses JDBC Realm for authentication. It works well, but there is the need to change all the roles/groups. I developed a new version of the web application in a test environment changing glassfish-web.xml and web.xml to align them with the groups contained in the groups table on the db for test. Everything works flawlessly. So I moved the web application to the production environment and updated the content of the groups table on production db. The

问题 I develop a web application for Tomcat 6, and I'm face to face with a problem I don't know how to resolve. Let's consider the following small scenario. Imagine that it's required to authenticate users not just by user and password, the authentication is only granted if some extra conditions are true (e.g. user, password, and his IP address matches). As far I understood, Tomcat introduced the concept of realms. A simple JDBCRealm was enough for the application, because the user and password

问题 I started a project setting up basic authentication. I now want to switch to Digest Authentication. The problem is that the authentication is validated only if I provide the hash of the actual password, and not the actual password. I did the following to switch from BASIC to DIGEST: changed in my web.xml the auth-method to DIGEST changed the JAAS context of my JDBC Realm to "jdbcDigestRealm" in my db, I used to have "password" as a password, I changed in to the result of MD5(webuser:postgres