PDA

View Full Version : Resin 3.1.9 Authentication


SkillAdvance
04-21-2010, 08:41 PM
I'm trying to set up JDBC authentication on a Resin 3.1.9 server - initially on my own system and ultimately on the server used by my hosting company. I've spent the best part of the last three days going round in circles and cannot manage to get anywhere.

The documentation at http://www.caucho.com/resin-3.1/doc/resin-security.xtp appears to be broken, which isn't helping me!

Is there any step-by-step documentation that I can see, which will clarify the process for me?

I have a working database, but haven't gotten that far, since I'm trying to use XML authentication initially. The example at http://caucho.com/resin-3.1/examples/security-basic/index.xtp is also a little bit unclear.

Thanks for any additional help or sources that you can suggest.

Regards,

Jeremy

emil
04-22-2010, 12:34 AM
Hi Jeremy,

There's a quick reference on the wiki:

http://wiki.caucho.com/Authenticator#JdbcAuthenticator

Basically, it just queries the database you give it with a password query (default: "SELECT password FROM LOGIN WHERE username=?") and queries and updates a cookie field (column name: "cookie") based on log ins. Let me know if there's something specific that you can't find the answer for.

Best,
Emil

SkillAdvance
04-23-2010, 08:59 PM
Emil, thank you - I did finally manage to make a reliable login mechanism against a JDBC database.

Part 2 is logging out! I'm unable - as I note other people are finding on Resin 3.1.9 - to invalidate a session.

Even if I close and reopen my browser, the 'caucho.login' attribute remains and therefore the session is still connected. I'm sure I've misconfigured something but for the life of me cannot work out what that might be.

I've stayed away from 'resin.conf' since my live application will be running on a shared installation and I have no control on that, just to web.xml and resin-web.xml.

More help will be gratefully accepted.

Thanks again,

Jeremy