SEVERE: jdbcrealm.invaliduserreason WEB9102: Web Login Failed

Question

I'm trying to get my login form to with a MySQL Database and keep on getting the following error:

[update] --> I made some modification today this is what I'm getting right now:

SEVERE: jdbcrealm.invaliduserreason
WARNING: WEB9102: Web Login Failed: com.sun.enterprise.security.auth.login.common.LoginException: Login failed: Security Exception
WARNING: WEB9102: Web Login Failed: com.sun.enterprise.security.auth.login.common.LoginException: Login failed: Security Exception
WARNING: WEB9102: Web Login Failed: com.sun.enterprise.security.auth.login.common.LoginException: Login failed: Security Exception

That's all I get from the stack trace. I'm following this tutorial: http://blog.eisele.net/2011/01/jdbc-security-realm-and-form-based.html

This is my mapping on glassfish-web.xml:

  <security-role-mapping>
    <role-name>user</role-name>
    <group-name>user</group-name>
  </security-role-mapping>

This is my web.xml:

<security-constraint>
    <display-name>user</display-name>
    <web-resource-collection>
        <web-resource-name>Users Area</web-resource-name>
        <description>Protected Users Area</description>
        <url-pattern>/user/*</url-pattern>
        <http-method>GET</http-method>
        <http-method>PUT</http-method>
        <http-method>HEAD</http-method>
        <http-method>POST</http-method>
        <http-method>OPTIONS</http-method>
        <http-method>TRACE</http-method>
        <http-method>DELETE</http-method>
    </web-resource-collection>
    <auth-constraint>
        <description/>
        <role-name>user</role-name>
    </auth-constraint>
</security-constraint>
<login-config>
    <auth-method>FORM</auth-method>
    <realm-name>jdbcRealm</realm-name>
    <form-login-config>
        <form-login-page>/login.jsp</form-login-page>
        <form-error-page>/login-error.jsp</form-error-page>
    </form-login-config>
</login-config>
<security-role>
    <description>user security role</description>
    <role-name>user</role-name>
</security-role>

This is my login form:

    <form action="j_security_check" class="form" method="post">

            <p class="email">
                    <input type="text" name="j_username" id="j_username"/>
                    <label for="j_username">E-mail / Username</label>
            </p>

            <p class="pwd">
                    <input type="password" name="j_password" id="j_password" />
                    <label for="j_password">Password</label>
            </p>

            <p class="submit">
                    <input name="login" type="submit" value="Login" /> 
                    <input name="reset_pwd" type="submit" value="Reset Password">                                                                                                                              
            </p>

    </form>

This a screenshot of my realm setup in the server. I didn't use encryption to simplify things for the moment:

Since I have nothing else in the stack but what I posted above. I'm really not sure what's wrong. I would appreciate if anyone can me a push in the right direction.

Answer 1

In your jdbcRealm setup in Glassfish, be sure to write "none" in the Algorithm (instead of SHA-256 or anything else). If you leave the field blank, it won't work.

Hope this helps...

Answer 2

Silly and neat thing that fixed it for me; Realms were small letters esp in table and coloumn names, where they were caps in my mysql db. Remember to check your case sensitivity of your tables in your Realms.

Answer 3

If you are using Glassfish 4 you need to complete the fields Database User and Database Password, which appears in Settings -> server-config -> Security -> Realms -> (jdbcRealm)

enter image description here