JDBC Security Realms

I'm trying to set up a JDBC security realm for the first time. I have things set up so that Tomcat redirects to the login page when requesting an authenticated resource. So far so good ... however when I type a username/password pair, and click submit the login system throws a NULL pointer exception (follows). This is the only error information I can find. Anyone seen this before?

2002-02-05 14:58:38 HttpProcessor[8080][4] process.invoke
java.lang.NullPointerException
at org.apache.catalina.realm.JDBCRealm.authenticate(JDBCRealm.java:379)
at org.apache.catalina.realm.JDBCRealm.authenticate(JDBCRealm.java:326)
at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:263)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:459)
at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
at org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2344)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:164)
at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:566)
at org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:170)
at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:170)
at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:462)
at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:163)
at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:566)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
at org.apache.catalina.connector.http.HttpProcessor.process(HttpProcessor.java:1011)
at org.apache.catalina.connector.http.HttpProcessor.run(HttpProcessor.java:1106)
at java.lang.Thread.run(Thread.java:484)

Figured this out from the source code. Looks like tomcat assumes that if the query to find the user is successful, the password will also be present:

while (rs.next()) {
dbCredentials = rs.getString(1).trim();
}

For this first test, my user table had a username but no password, so the null pointer exception must of occured when trim was being called on a non existant string.