我正在尝试将DatasourceRealm Security实现为测试jsp webapp。
这是我的安全约束的web.xml配置
<security-role>
<description>application administrator</description>
<role-name>administrator</role-name>
</security-role>
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/administration/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>administrator</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Admin Login</realm-name>
</login-config>
和我的context.xml
<Context path="/TipTrip0.22">
<Resource auth="Container" driverClassName="oracle.jdbc.driver.OracleDriver" logAbandoned="true"
maxActive="100" maxIdle="30" maxWait="10000" name="jdbc/triptip" password="jijikos"
removeAbandoned="true" removeAbandonedTimeout="60" type="javax.sql.DataSource"
url="jdbc:oracle:thin:@localhost:1521:XE" username="spirus"/>
<Realm className="org.apache.catalina.realm.DataSourceRealm" debug="99"
dataSourceName="jdbc/triptip" localDataSource="true"
userTable="Users" userNameCol="Emailaddress" userCredCol="Password"
userRoleTable="Users" roleNameCol="Type"/>
</Context>
Tomcats弹出验证工作,虽然只有一次!第一次成功输入凭据后,即使重新启动应用程序,也可以直接访问网址! 我也无法成功登录用户,在实现安全约束之前工作正常,获得以下堆栈跟踪:
Nov 16, 2014 1:05:58 AM org.apache.catalina.core.StandardWrapperValve invoke
SEVERE: Servlet.service() for servlet [LogInServlet] in context with path [/TipTrip0.22] threw exception
java.lang.NullPointerException
at data.ConnectionPool.getConnection(ConnectionPool.java:44)
at data.UserDB.selectUser(UserDB.java:111)
at appUsers.LogInServlet.doPost(LogInServlet.java:35)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:646)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:501)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1040)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:607)
at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2441)
at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:2430)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:744)
为什么会发生这种情况?
使用:jdk-7u51 Windows7 Tomcat 7.0.52 Netbeans 7.4 Oracle XE11g2
答案 0 :(得分:0)
似乎在Resource元素内声明的名称不一致 从ConnectionPool类调用时
InitialContext ic = new InitialContext();
dataSource = (DataSource) ic.lookup("java:/comp/env/jdbc/spirus");
所有需要的是在context.xml中声明的tiptrip替换spirus