 | Mailing List | | Home | | Forum Home | | JBoss - Java Application Server | | Tomcat - JSP/Servlet container | | Struts - A MVC web framework | | iText - An open source PDF Java Library | | JDOM - JDOM XML Parser | | J2EE - A mailing list for Java(tm) 2 Platform, Enterprise Edition | | J2EE Pattern - An interest list for Sun Java Center J2EE Pattern Catalog | | JSP - A mailing list about Java Server Pages specification and reference | | Servlet - A mailing list for discussion about Sun Microsystem's Java Servlet API Technology | |
Struts & Hibernate
|
|
|
| | | tomcat 5.5 multiple contexts using same realm bug? | tomcat 5.5 multiple contexts using same realm bug? 2006-11-21 - By Elliott Murray
Back
Hi,
I am trying to set up multiple contexts in Tomcat 5.5 but have a problem in
logging in. I have them both up and running. They both use realms for login
functionality. I wanted to originally use my own custom data source realm
(limitations in the use of the Catalina one) This was working fine for App A but
as soon as I put up App B using the same code but a different configuration
(different tables, jdbc connections etc) I had some strange results. I would get
the login page for App A turning up in App B and vice versa on what seemed
random conditions. Login would only work on one App at a time in best case
scenario. I then regressed back to using the DataSourceRealm but have the same
results. If I use one of each it seems to work in that the correct login pages
appear and I can log into one of the sites (though due to my sql requirements
can only actually log into one app as the DataSourceRealm isn't quite flexible
enough for either of my apps)
Help! Is this a bug? I think my config is all correct - all in the correct
context files/tags and as I say stand alone they work. If I hazarded a guess I
reckon because the realm code is in server lib under tomcat only one instance
of the realm is loaded in a parent classloader and sharing its state across
multiple apps which is really bad and I'd even go so far to say this has
serious potential security issues depending on your environment. It also
negates a great potential feature of having realm embedded into context. I
could go to using JAAS but would rather not as its a rewrite of something that
's been working just fine for a while now.
Some (edited) sample config below in case someone believes this is wrong. As I
say I am pretty sure this is a bug but cannot believe I am the first person to
want to do this?
<Context
docBase="C:/webapps/app1"
reloadable="true"
workDir="C:\Java\Tomcat5.5\work">
<Realm className="org.apache.catalina.realm.DataSourceRealm  " debug="99"
dataSourceName="jdbc/App1MySQLDB"
userTable="member" userNameCol="email" userCredCol="password"
userRoleTable="schemes" roleNameCol="name"/>
<Resource
auth="Container"
name="jdbc/App1MySQLDB"
type="javax.sql.DataSource "
password="xxx"
driverClassName="com.mysql.jdbc.Driver "
maxIdle="5"
maxWait="10000"
removeAbandoned="true"
logAbandoned="true"
username="user"
url="jdbc:mysql://a-url"
removeAbandonedTimeout="60"
factory="org.apache.commons.dbcp.BasicDataSourceFactory "
maxActive="20"/>
</Context>
Repeat for App2 with its own data source (and db/config etc)
Should this go to dev mailing list? Or logged as a bug?
Thanks
Elliott Murray
Elliott Murray
Technical Architect
Green Cathedral <http://www.greencathedral.com/images/gc-logo.gif> Green
Cathedral
The Old Granary
Westwick
Cambridge
CB4 5AR
elliott.murray@(protected) <mailto: elliott.murray@(protected)>
m. +44 (C)B243 AR
t. +44 (0)1223 266700
f. +44 (0)1223 266701
www.greencathedral.com <http://www.greencathedral.com/>
|
|
|
