'Form based Authentication in Tomcat
I performed login using form based authentication in tomcat(using j_security_check). I have added jdbc realm code in server.xml and also security constrains in web.xml file. But even after giving correct username and password it goes to error page. Please advise as to what could be wrong.
For both correct and wrong credentials it only goes to error page.
The above code was edited by me in :
In server.xml :
<Realm className="org.apache.catalina.realm.LockOutRealm">
<!-- This Realm uses the UserDatabase configured in the global JNDI
resources under the key "UserDatabase". Any edits
that are performed against this UserDatabase are immediately
available for use by the Realm. -->
<!-- <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/> -->
<Realm className="org.apache.catalina.realm.JDBCRealm"
driverName="org.postgresql.Driver"
connectionURL="jdbc:postgresql://localhost:5432/postgres"
connectionName="postgres" connectionPassword="postgres"
userTable="login" userNameCol="username" userCredCol="password"
userRoleTable="user_roles" roleNameCol="rolename" />
</Realm>
In web.xml:
<web-app>
<!--Defines Security Constraint -->
<security-constraint>
<display-name>Form Based Authentication</display-name>
<web-resource-collection>
<web-resource-name>library</web-resource-name>
<description/>
<url-pattern>/*</url-pattern>
<!-- <url-pattern>index.jsp</url-pattern> -->
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<description/>
<role-name>*</role-name>
</auth-constraint>
</security-constraint>
<!--Defines Login Config -->
<login-config>
<auth-method>FORM</auth-method>
<realm-name>file</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
<!--Defines Security Role -->
<security-role>
<description/>
<role-name>*</role-name>
</security-role>
</web-app>
login.jsp
<form method="POST" action="j_security_check">
<div class="container">
<h4 class="text-center">LOGIN</h4>
<label for="name"><b>USERNAME</b></label>
<input type="text" placeholder="Enter Username" name="j_username" id="name" required>
<br>
<label for="pass"><b>PASSWORD</b></label>
<input type="password" placeholder="Enter Password" name="j_password" id="pass" required>
<input type="submit" value="Login">
</div>
</form>
error.jsp
<p>
Sorry, login failed!
</p>
I have used 2 tables , one with username an password and another one with username and rolename.
Database structure used
Column | Type | Collation | Nullable | Default
----------+-----------------------+-----------+----------+---------
username | character varying(50) | | not null |
password | character varying(50) | | not null |
Indexes:
"login_pkey" PRIMARY KEY, btree (username)
Column | Type | Collation | Nullable | Default
----------+-----------------------+-----------+----------+---------
username | character varying(50) | | not null |
rolename | character varying(20) | | not null |
Indexes:
"user_roles_pkey" PRIMARY KEY, btree (username, rolename)
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|