Tomcat 8.5 JDBC Realm with salted password digest: authentication fails


I am trying to run authentication with digested passwords. Unfortunately, authentication fails with a 401 error.

server.xml

<?xml version="1.0" encoding="UTF-8"?>

<Server port="8005" shutdown="SHUTDOWN">
  <Listener className="org.apache.catalina.startup.VersionLoggerListener" />
  <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
  <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
  <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
  <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />

  <GlobalNamingResources>
    <Resource name="UserDatabase" auth="Container"
              type="org.apache.catalina.UserDatabase"
              description="User database that can be updated and saved"
              factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
              pathname="conf/tomcat-users.xml" />
  </GlobalNamingResources>

  <Service name="Catalina">

    <Connector port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />

    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />

    <Engine name="Catalina" defaultHost="localhost">

      <Realm className="org.apache.catalina.realm.LockOutRealm">
        <!-- This Realm uses the UserDatabase configured in the global JNDI
             resources under the key "UserDatabase".  Any edits
             that are performed against this UserDatabase are immediately
             available for use by the Realm.  -->
        <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase">
            <CredentialHandler className="org.apache.catalina.realm.MessageDigestCredentialHandler" algorithm="SHA-512" />
        </Realm>
      </Realm>

      <Host name="localhost"  appBase="webapps"
            unpackWARs="true" autoDeploy="true">

            <Realm className="org.apache.catalina.realm.JDBCRealm" 
                driverName="com.mysql.jdbc.Driver"
                connectionURL="jdbc:mysql://localhost:3306/usersdb?user=root&amp;password=MySQL_Password"
                userTable="users"
                userNameCol="user_name" 
                userCredCol="user_pass"
                userRoleTable="user_roles" 
                roleNameCol="role_name">

                <CredentialHandler className="org.apache.catalina.realm.MessageDigestCredentialHandler"
                    algorithm="SHA-512"
                    iterations="3"
                    saltLength="8"
                />
            </Realm>

        <Valve className="org.apache.catalina.authenticator.SingleSignOn" />

        <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
               prefix="localhost_access_log" suffix=".txt"
               pattern="%h %l %u %t &quot;%r&quot; %s %b" />

      </Host>
    </Engine>
  </Service>
</Server>

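In my database usersdb there is a table named users with the columns user_name and user_pass. There is also a table user_roles with the columns user_name and role_name.

My user is named syncuser and it has the role users.sync.

I digested the password as follows: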

digest.bat -a sha-512 -i 3 -s 8 -h org.apache.catalina.realm.MessageDigestCredentialHandler MySyncPassword
MySyncPassword:5800a4431c85d7a2$3$81a3cbfe53c94b128c1a37e5101cc7d5c5c69f4b4d4262113247a6db79bb5f8bcdcf57df8b2e1980d954be4ece50c40d862c866d3c44e2fc02cd6ecebcc4a830

I put the whole string 5800a4431c85d7a2$3$81a3cbfe53c94b128c1a37e5101cc7d5c5c69f4b4d4262113247a6db79bb5f8bcdcf57df8b2e1980d954be4ece50c40d862c866d3c44e2fc02cd6ecebcc4a830 into the user_pass column.

At the bottom of the web.xml inside my project, I have:

  <login-config>
    <auth-method>BASIC</auth-method>
  </login-config>
  <security-constraint>
    <display-name>My Magical Project Security Constraint</display-name>
    <web-resource-collection>
      <web-resource-name>ServerBackend</web-resource-name>
      <url-pattern>/SyncServlet</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>users.sync</role-name>
    </auth-constraint>
  </security-constraint>
  <security-role>
    <role-name>users.sync</role-name>
  </security-role>
  <security-role>
    <role-name>*</role-name>
  </security-role>
</web-app>

I have also tried all of this the simple way with MD5, 1 iteration and 0 salt. The problem remains.

Answer

It turned out that I was missing the JDBC driver library on the Tomcat server. No ClassNotFoundException was shown in the server console.
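When a realm returns 401 with no visible exception, it helps to rule out the stored credential before looking at the driver or the realm wiring. The following is an added example, not code from the original post or from Tomcat: it checks a value in the salt$iterations$digest layout shown above. It assumes the handler hashes the salt followed by the UTF-8 password and then re-hashes the previous digest for each further iteration; all function names are hypothetical.

```python
import hashlib
import hmac

def _hash_name(algorithm):
    # Map the Tomcat-style name ("SHA-512", "MD5") to a hashlib name
    return algorithm.replace("-", "").lower()

def parse_stored(stored):
    """Split 'salt$iterations$digest' into (salt bytes, count, digest bytes)."""
    parts = stored.split("$")
    if len(parts) != 3:
        raise ValueError("expected three '$'-separated fields")
    count = int(parts[1])
    if count < 1:
        raise ValueError("iteration count must be at least 1")
    return bytes.fromhex(parts[0]), count, bytes.fromhex(parts[2])

def mutate(password, salt, iterations, algorithm, encoding="utf-8"):
    # Assumed scheme: round 1 hashes salt + password, each later round
    # hashes the previous digest.
    name = _hash_name(algorithm)
    digest = hashlib.new(name, salt + password.encode(encoding)).digest()
    for _ in range(iterations - 1):
        digest = hashlib.new(name, digest).digest()
    return digest

def build_stored(password, salt, iterations, algorithm):
    digest = mutate(password, salt, iterations, algorithm)
    return f"{salt.hex()}${iterations}${digest.hex()}"

def shape_problems(stored, algorithm):
    """Return format problems in a stored value; an empty list means none."""
    try:
        _, _, digest = parse_stored(stored)
    except ValueError as exc:
        return [f"malformed credential: {exc}"]
    expected = hashlib.new(_hash_name(algorithm)).digest_size
    if len(digest) != expected:
        return [f"digest is {len(digest)} bytes, {algorithm} gives {expected}"]
    return []

def matches(stored, password, algorithm):
    salt, count, digest = parse_stored(stored)
    candidate = mutate(password, salt, count, algorithm)
    return hmac.compare_digest(candidate, digest)

if __name__ == "__main__":
    # Constructed sample: fixed salt and password, not values from the page
    sample = build_stored("constructed-pass", bytes.fromhex("0011223344556677"), 3, "SHA-512")
    print(shape_problems(sample, "SHA-512"), matches(sample, "constructed-pass", "SHA-512"))
```

If the shape check is clean and the known password matches the value read back from the user_pass column, the digest is not the cause of the 401, and attention moves to the realm's database access.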
