SEVERE: jdbcrealm.invaliduserreason WEB9102: Web Login Failed

lv10 picture lv10 · Jun 13, 2012 · Viewed 11k times · Source

I'm trying to get my login form to with a MySQL Database and keep on getting the following error:

[update] --> I made some modification today this is what I'm getting right now:

SEVERE: jdbcrealm.invaliduserreason
WARNING: WEB9102: Web Login Failed: com.sun.enterprise.security.auth.login.common.LoginException: Login failed: Security Exception
WARNING: WEB9102: Web Login Failed: com.sun.enterprise.security.auth.login.common.LoginException: Login failed: Security Exception
WARNING: WEB9102: Web Login Failed: com.sun.enterprise.security.auth.login.common.LoginException: Login failed: Security Exception

That's all I get from the stack trace. I'm following this tutorial: http://blog.eisele.net/2011/01/jdbc-security-realm-and-form-based.html

This is my mapping on glassfish-web.xml:

  <security-role-mapping>
    <role-name>user</role-name>
    <group-name>user</group-name>
  </security-role-mapping>

This is my web.xml:

<security-constraint>
    <display-name>user</display-name>
    <web-resource-collection>
        <web-resource-name>Users Area</web-resource-name>
        <description>Protected Users Area</description>
        <url-pattern>/user/*</url-pattern>
        <http-method>GET</http-method>
        <http-method>PUT</http-method>
        <http-method>HEAD</http-method>
        <http-method>POST</http-method>
        <http-method>OPTIONS</http-method>
        <http-method>TRACE</http-method>
        <http-method>DELETE</http-method>
    </web-resource-collection>
    <auth-constraint>
        <description/>
        <role-name>user</role-name>
    </auth-constraint>
</security-constraint>
<login-config>
    <auth-method>FORM</auth-method>
    <realm-name>jdbcRealm</realm-name>
    <form-login-config>
        <form-login-page>/login.jsp</form-login-page>
        <form-error-page>/login-error.jsp</form-error-page>
    </form-login-config>
</login-config>
<security-role>
    <description>user security role</description>
    <role-name>user</role-name>
</security-role>

This is my login form:

    <form action="j_security_check" class="form" method="post">

            <p class="email">
                    <input type="text" name="j_username" id="j_username"/>
                    <label for="j_username">E-mail / Username</label>
            </p>

            <p class="pwd">
                    <input type="password" name="j_password" id="j_password" />
                    <label for="j_password">Password</label>
            </p>

            <p class="submit">
                    <input name="login" type="submit" value="Login" /> 
                    <input name="reset_pwd" type="submit" value="Reset Password">                                                                                                                              
            </p>

    </form>

This a screenshot of my realm setup in the server. I didn't use encryption to simplify things for the moment: Realm

Since I have nothing else in the stack but what I posted above. I'm really not sure what's wrong. I would appreciate if anyone can me a push in the right direction.

Answer

Pierre C picture Pierre C · Jul 21, 2012

In your jdbcRealm setup in Glassfish, be sure to write "none" in the Algorithm (instead of SHA-256 or anything else). If you leave the field blank, it won't work.

Hope this helps...