http://www.docjar.com/html/api/org/apache/catalina/realm/JDBCRealm.java.html To use this JDBCRealm we need two tables, user and user_role. user table - user_id, user_name, user_password user_role table - user_id, role_id, user_name Why user_name is required in user_role table when user_id is there as foreign key. The JDBCRealm could...
For an internal Tomcat/Java/Struts application, we're converting custom-written authentication code to use JDBCRealm. The database is MySQL 5.0, and the passwords are stored as PASSWORD()-encrypted strings. In our version of MySQL, the PASSWORD() function is a non-standard (proprietary?) 41-byte hash. (I know now that we shouldn't be ...
I'm very new to EJB security and GlassFish authentication, authorization mechanism. I have a jdbc realm and configured sun-web.xml and web.xml to map the roles and restrict access to a page. However, my problem is that when I restrict access to all the pages, it works and triggers the login pop up before loading the welcome page (using ...
Hello, I am trying to configure a jdbcRealm in GlassFishV3 using existing tables that have a naming convention other than "users" and "groups"; the realm does not appear to work unless the tables are named this way. My question is, why the limitation? Is there a work around other than renaming my existing tables? Thanks, RG ...
I use jdbcRealm for security in my glassfish v3.0.1 b22. It is set up so that it use the USER table inside my database for authentication by following this blog: http://blogs.sun.com/foo/entry/mort_learns_jdbc_realm_authentication. I got it working fine, if I leave the digest algorithm as plain text. However when i try to use SHA-256 for...
Hi to everyone. I develop a web application for Tomcat 6, and I'm face to face with a problem I don't know how to resolve. Let's consider the following small scenario. Imagine that it's required to authenticate users not just by user and password, the authentication is only granted if some extra conditions are true (e.g. user, password,...