Search code examples
javalinuxpostgresqltomcatjdbcrealm

Tomcat Realm forms: login always fails

The Tomcat Realm (Forms) authentification in my JSP project worked well before i changed OS to linux, now it doesn't: login is always fails.

IDE is IDEA.

The project uses:

  • 8.0.9 Tomcat JDBCRealm
  • PostgreSql 9.3
  • Postgres JDBC driver is in /WEB-INF/lib dir and visible by Hibernate as org.postgresql.Driver
  • Postgres login&pass are correct and table names are correct too

Changes in server.xml:

<Host name="localhost"  appBase="webapps"
            unpackWARs="true" autoDeploy="true">

 <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
               prefix="localhost_access_log" suffix=".txt"
               pattern="%h %l %u %t &quot;%r&quot; %s %b" />

 <Realm className="org.apache.catalina.realm.LockOutRealm">
        <Realm  
           className="org.apache.catalina.realm.UserDatabaseRealm"
           resourceName="UserDatabase"/>

        <Realm 
           className="org.apache.catalina.realm.JDBCRealm"
           driverName="org.postgresql.Driver"
           connectionURL="jdbc:postgresql://localhost:5432/postgres?user=postgres&amp;password=123"
           userTable="users" 
           userNameCol="name" 
           userCredCol="pass"
           userRoleTable="user_roles" 
           roleNameCol="role"/>
 </Realm>

... actually, I changed nothing there except moving LockOutRealm to <Host> tag and adding JDBCRealm block into.

The web.xml is correct, because it worked well before...

Why doesn't it work? Maybe it's about linux user's privilege?

pg_hba.conf:

# TYPE  DATABASE        USER            ADDRESS                 METHOD

# "local" is for Unix domain socket connections only
local   all             all                                     md5
# IPv4 local connections:
host    all             all             127.0.0.1/32            md5
# IPv6 local connections:
host    all             all             ::1/128                 md5
# Allow replication connections from localhost, by a user with the
# replication privilege.
#local   replication     postgres                                md5
#host    replication     postgres        127.0.0.1/32            md5
#host    replication     postgres        ::1/128                 md5

Postgres log:

2014-07-25 19:52:17 MSK LOG:  database system was shut down at 2014-07-25 19:52:07 MSK
2014-07-25 19:52:17 MSK LOG:  database system is ready to accept connections
2014-07-25 19:52:17 MSK LOG:  autovacuum launcher started
2014-07-25 19:53:57 MSK LOG:  incomplete startup packet
2014-07-25 19:53:59 MSK LOG:  incomplete startup packet
2014-07-25 22:39:38 MSK LOG:  unexpected EOF on client connection with an open transaction
2014-07-25 22:42:15 MSK LOG:  unexpected EOF on client connection with an open transaction
Solution

  • A Realm in Tomcat is managed outside your webapp, so the JDBC driver needs to be available to the Tomcat runtime.

    This means you must place the jdbc driver in the $TOMCAT_HOME/lib directory, and not in WEB-INF/lib/ inside your webapp.