#1
  1. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Oct 2001
    Posts
    4
    Rep Power
    0

    JDBC Security Realms


    I'm trying to set up a JDBC security realm for the first time. I have things set up so that Tomcat redirects to the login page when requesting an authenticated resource. So far so good ... however when I type a username/password pair, and click submit the login system throws a NULL pointer exception (follows). This is the only error information I can find. Anyone seen this before?

    2002-02-05 14:58:38 HttpProcessor[8080][4] process.invoke
    java.lang.NullPointerException
    at org.apache.catalina.realm.JDBCRealm.authenticate(JDBCRealm.java:379)
    at org.apache.catalina.realm.JDBCRealm.authenticate(JDBCRealm.java:326)
    at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:263)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:459)
    at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564)
    at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472)
    at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
    at org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2344)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:164)
    at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:566)
    at org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:170)
    at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:170)
    at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564)
    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:462)
    at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564)
    at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472)
    at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:163)
    at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:566)
    at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472)
    at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
    at org.apache.catalina.connector.http.HttpProcessor.process(HttpProcessor.java:1011)
    at org.apache.catalina.connector.http.HttpProcessor.run(HttpProcessor.java:1106)
    at java.lang.Thread.run(Thread.java:484)
  2. #2
  3. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Oct 2001
    Posts
    4
    Rep Power
    0
    Figured this out from the source code. Looks like tomcat assumes that if the query to find the user is successful, the password will also be present:

    while (rs.next()) {
    dbCredentials = rs.getString(1).trim();
    }

    For this first test, my user table had a username but no password, so the null pointer exception must of occured when trim was being called on a non existant string.

IMN logo majestic logo threadwatch logo seochat tools logo