Tomcat JDBC与数据源领域 [英] Tomcat JDBC vs. DataSource Realm

问题描述

对于webapp testapp，其web.xml中具有以下内容(除其他外)

For webapp testapp which has the following in its web.xml (among other things)

<security-constraint>
    <web-resource-collection>
        <web-resource-name>My JSP</web-resource-name>
        <url-pattern>*.secured</url-pattern>
        <url-pattern>/login</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
    </web-resource-collection>

    <auth-constraint>
        <role-name>mobileusers</role-name>
    </auth-constraint>
    <!--
    <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
    -->
</security-constraint>

<login-config>
    <auth-method>DIGEST</auth-method>
    <realm-name>Identity</realm-name>
</login-config>

<security-role>
    <description>
        No Description
    </description>
    <role-name>mobileusers</role-name>
</security-role>

请考虑以下两个Tomcat Realm配置:

Consider the following two Tomcat Realm configurations:

配置1-JDBC领域:

在.../webapps/testapp/META-INF/context.xml

<Realm  className="org.apache.catalina.realm.JDBCRealm" 
        driverName="com.mysql.jdbc.Driver"
        connectionName="mysqluser"
        connectionPassword="redacted"
        connectionURL="jdbc:mysql://192.168.1.5/testdb?autoReconnectForPools=true&amp;characterEncoding=UTF-8"
        digest="MD5"
        userTable="Users" 
        userNameCol="name" 
        userCredCol="password"
        userRoleTable="Users" 
        roleNameCol="roleName"
/>

配置2-数据源领域:

在.../webapps/testapp/META-INF/context.xml中:

<Realm  className="org.apache.catalina.realm.DataSourceRealm" 
        digest="MD5"
        userTable="Users" 
        userNameCol="name" 
        userCredCol="password"
        userRoleTable="Users" 
        roleNameCol="roleName"
        dataSourceName="jdbc/testDB"
/>

在.../conf/context.xml中:

<Resource 
    name="jdbc/testDB" 
    auth="Container" 
    type="javax.sql.DataSource" 
    removeAbandoned="true" 
    removeAbandonedTimeout="15" 
    maxActive="5" 
    maxIdle="5" 
    maxWait="7000" 
    username="mysqluser"
    password="redacted"
    driverClassName="com.mysql.jdbc.Driver"
    url="jdbc:mysql://192.168.1.5/testdb?autoReconnectForPools=true&amp;characterEncoding=UTF-8"
    factory="com.mycompany.util.configuration.customfactory"
    validationQuery="SELECT '1';"
    testOnBorrow="true"/>

由于我不清楚的原因，配置1适用于我们，但配置2不适用于我们.请注意，我们使用来自配置2的Context.xml资源在整个地方通过我们的代码连接到MySQL，并且效果很好.但是，当tomcat Realm尝试使用它时，即使它似乎与配置1做相同的事情，认证也总是会失败.

For reasons I'm not clear on, Configuration 1 works for us, but Configuration 2 does not. Note that we use the Context.xml resource from Configuration 2 to connect to MySQL in our code all over the place, and it works great. When a tomcat Realm tries to use it, however, authentication always fails, even though it appears to be doing the same thing as Configuration 1.

有人对为什么会这样有任何见识吗?

Anyone have any insight as to why this might be?

推荐答案

假设您有DataSource在其他地方(例如Servlet)工作，您要做的就是将localDataSource="true"添加到Realm decleration中，以便领域是:

Assuming that you have the DataSource working elsewhere (in, say, Servlets), all you have to do is add localDataSource="true" to the Realm decleration such that the Realm is:

<Realm  className="org.apache.catalina.realm.DataSourceRealm"
    localDataSource="true"
    digest="MD5"
    userTable="Users" 
    userNameCol="name" 
    userCredCol="password"
    userRoleTable="Users" 
    roleNameCol="roleName"
    dataSourceName="jdbc/testDB"
/>

至少，这对我有用.

完美地说，尽管有此参数的名称，也可以100％清除，如果您不想这样做，则不需要将DataSource放在Webapp的context.xml内.服务器的上下文XML可以正常工作.

To be perfectly, 100% clear, despite the name of this parameter, you do NOT need to put the DataSource inside of the Webapp's context.xml if you don't want to; the server's context XML will work just fine.

这篇关于Tomcat JDBC与数据源领域的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！