I am attempting to connect to a database in order to authenticate a user using Apache Shiro. I have a servlet call a java class to perform this task. Right now it is simply changing a string if it successfully authenticates. I have attempted many different connection methods: data pools, jtds, Microsoft Sql Server JDBC, and all give me the error:
SQL error while authenticating user [user1]
My log files also show this error:
Warning: RAR5058: Error while Resizing pool SQLS1-TestBilling. Exception : Connection could not be allocated because: The TCP/IP connection to the host SQLS1, port 1433 has failed. Error: "null. Verify the connection properties. Make sure that an instance of SQL Server is running on the host and accepting TCP/IP connections at the port. Make sure that TCP connections to the port are not blocked by a firewall.".
I am able to use the TestBilling connection pool in the servlet just fine so I don't think it is a problem with the pool, but it seems unable to use the ini file declarations to use SQL. Is there something I'm missing, forgetting to do, or doing wrong?
Here are the relevant files:
GetAuthServlet.java:
package com.phmc.shiro5web;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class GetAuthServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
out.println("<!DOCTYPE html>");
out.println("<html>");
out.println("<head>");
out.println("<title>Auth</title>");
out.println("</head>");
out.println("<body>");
AuthenticationClass au = new AuthenticationClass();
String b = "";
b = au.isAuthenticated("mmarino", "test");
out.println(b);
out.println("</body>");
out.println("</html>");
}
AuthenticationClass.java:
package com.phmc.shiro5web;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.Factory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public class AuthenticationClass {
private static final transient Logger log = LoggerFactory.getLogger(Authentication.class);
String isAuthenticated(String username, String password){
Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
SecurityManager securityManager = factory.getInstance();
SecurityUtils.setSecurityManager(securityManager);
Subject currentUser = SecurityUtils.getSubject();
String b = "fail";
log.info("Test");
try{
if (!currentUser.isAuthenticated()) {
UsernamePasswordToken token = new UsernamePasswordToken("mmarino", "test") ;
token.setRememberMe(true);
try {
currentUser.login(token);
b = "Success";
}catch (UnknownAccountException uae) {
log.info("There is no user with username of " + token.getPrincipal());
}
}
}catch(Exception e){
b = e.toString();
}
)
return b;
}
}
Shiro.ini:
[main]
ds = org.apache.shiro.jndi.JndiObjectFactory
ds.resourceName = jdbc/TestBilling
jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
jdbcRealm.dataSource = $ds
jdbcRealm.permissionsLookupEnabled = true
jdbcRealm.authenticationQuery = SELECT theuser FROM UserList
securityManager.realm = $jdbcRealm
I have also tried: jdbcRealm.authenticationQuery = SELECT theuser FROM UserList where passwordList = ?
In the Shiro.ini file for the second to last line.
It seems there was an additional error I didn't catch that caused log4j to break, which was keeping out other errors from being seen that showed a basic SQL error.