users@glassfish.java.net

Re: JDBC Realm

From: Arthur Yeo <artyyeo_at_gmail.com>
Date: Tue, 29 Mar 2011 11:14:15 -0700

Here's what I found: when I ran the appl, there is a pop-up that asked for
Username, Password.

   1. I typed in (webuser, webuser) and it failed
   2. I typed in (webuser, 4664ccd28b2a73dad40e2a5aa8e748f7), it passed


Am I seeing this right? Why do I need to hash the pw myself? This is
puzzling ...



On Tue, Mar 29, 2011 at 10:42 AM, Arthur Yeo <artyyeo_at_gmail.com> wrote:

> All,
>
> I tried creating a brand new project based on Shing's blog (
> http://blogs.sun.com/swchan/entry/jdbcrealm_in_glassfish_with_mysql).
> It worked if it is on BasicAuth, but when I switched to DIGEST, I got the
> errors which I captured below. Can someone help me with diagnosing this,
> please?
>
> Also, has anyone used GF Form Auth and Digest Auth successfully in their
> production env?
>
> I have updated the following components to use DIGEST:
>
> 1. encoded the password with md5 when I switched to DIGEST in the
> usertable
> 2. web.xml is updated to use DIGEST
> 3. jdbcrealm was updated in the AdminConsole to use digest: JAAS
> context = jdbcDigestRealm; Digest Algorithm = MD
>
>
> Is there something missing?
>
> -------------- Errors from server log -------------------
> Timestamp
> Mar 29, 2011 10:24:37.505
> Log Level
> SEVERE
> Logger
> javax.enterprise.system.core.security.com.sun.appserv.security
> Name-Value Pairs
> {_ThreadName=Thread-1, _ThreadID=37}
> Record Number
> 4342
> Message ID
> SEC1105
> Complete Message
> A PasswordCredential was required but not provided.
>
> -----------------------------
> Timestamp
> Mar 29, 2011 10:24:37.506
> Log Level
> WARNING
> Logger
> javax.enterprise.system.container.web.com.sun.web.security
> Name-Value Pairs
> {_ThreadName=Thread-1, _ThreadID=37}
> Record Number
> 4345
> Message ID
> Web login failed
> Complete Message
> Login failed: javax.security.auth.login.LoginException: No credentials.
> ---------------------------------
>
>
>
>
> --
> Arthur Y.
>



-- 
Arthur Y.