Thread: permissions

permissions

From
tony
Date:
The scene: Tony re-writing his HOWTO

The players: Tomcat4, Postgresql 7.2

The plot: writing to page the definitive guide on file permissions so
that Tomcat can talk to Postgresql via JDBC.

All that in place - the install on my development machine gives the
following result:

    - I can read fronm the database. The web app functions perfectly and
with Tomcat4/Postgresql 7.2 much faster (no benchmarks, just human
"feels snappier")

    - when I try to login to the administration pages I get chucked out...
javax.servlet.ServletException: Connection refused. Check that the
hostname and port is correct, and that the postmaster is running with
the -i flag, which enables TCP/IP networking.

YES IT IS FOR PETES SAKE!!!!!!

My question for the weekend is "what files/applications should have what
read/write permissions?".

In fact I feel that this is a much wider Unix/Linux question which is
one of the major problems for newcomers. I am not (a newcomer) but have
had trouble (coming from the Mac) understanding what is what since
1997...

We have three users: tony (thats me =;-{ ), postgres and tomcat4. tony
is via JDBC trying to send a login/password combination via JSP to
tomcat4. tomcat4 is validating the password against a table in
postgresql and getting the errror above.

tomcat doesn't have (decent) docs (now you know why I wrote a HOWTO)
postgresql has good docs (If I said "great" you would get sloppy...).
But there is no place where it is written in stone who should own what.

help

Cheers

Tony

--
RedHat Linux on Sony Vaio C1XD/S
http://www.animaproductions.com/linux2.html
Macromedia UltraDev with PostgreSQL
http://www.animaproductions.com/ultra.html


Re: permissions

From
Doug McNaught
Date:
tony <tony@animaproductions.com> writes:

>     - I can read fronm the database. The web app functions perfectly and
> with Tomcat4/Postgresql 7.2 much faster (no benchmarks, just human
> "feels snappier")
>
>     - when I try to login to the administration pages I get chucked out...
> javax.servlet.ServletException: Connection refused. Check that the
> hostname and port is correct, and that the postmaster is running with
> the -i flag, which enables TCP/IP networking.
>
> YES IT IS FOR PETES SAKE!!!!!!
>
> My question for the weekend is "what files/applications should have what
> read/write permissions?".

So you're saying that part of your web app works fine and talks to the
database, and part of it doesn't?  What are the differences between
the parts?

> In fact I feel that this is a much wider Unix/Linux question which is
> one of the major problems for newcomers. I am not (a newcomer) but have
> had trouble (coming from the Mac) understanding what is what since
> 1997...
>
> We have three users: tony (thats me =;-{ ), postgres and tomcat4. tony
> is via JDBC trying to send a login/password combination via JSP to
> tomcat4. tomcat4 is validating the password against a table in
> postgresql and getting the errror above.
>
> tomcat doesn't have (decent) docs (now you know why I wrote a HOWTO)
> postgresql has good docs (If I said "great" you would get sloppy...).
> But there is no place where it is written in stone who should own what.

The error you're getting indicates that the DB connection URL used by
that part of the web app is wrong.  I doubt it's a file permissions
error at all.

-Doug
--
Let us cross over the river, and rest under the shade of the trees.
   --T. J. Jackson, 1863

Re: permissions

From
tony
Date:
On Sat, 2002-02-23 at 15:06, Doug McNaught wrote:

> So you're saying that part of your web app works fine and talks to the
> database, and part of it doesn't?  What are the differences between
> the parts?

The administration pages are protected by a login page. Each page has a
Macromedia "restrict user" script which checks to se if the user is
logged in.

> The error you're getting indicates that the DB connection URL used by
> that part of the web app is wrong.  I doubt it's a file permissions
> error at all.

The connection details are in Connection/name.jsp and this is included
in the page on the fly. e.g.

<%@ include file="Connections/frac.jsp" %>
<%
Driver Driverdocumentation =
(Driver)Class.forName(MM_frac_DRIVER).newInstance();
Connection Conndocumentation =
DriverManager.getConnection(MM_frac_STRING,MM_frac_USERNAME,MM_frac_PASSWORD);

I can see your point about the connection URL but it is only in one
place for the whole app. Not being able to connect at all seems logical
in this case...

It seems that the login part is not working i.e. the request to the
password table is failing. tony, postgres and tomcat4 are all database
users, tony owns the database.

Really stumped on this one

Cheers

Tony


--
RedHat Linux on Sony Vaio C1XD/S
http://www.animaproductions.com/linux2.html
Macromedia UltraDev with PostgreSQL
http://www.animaproductions.com/ultra.html


Re: permissions

From
Doug McNaught
Date:
tony <tony@animaproductions.com> writes:

> On Sat, 2002-02-23 at 15:06, Doug McNaught wrote:
>
> > So you're saying that part of your web app works fine and talks to the
> > database, and part of it doesn't?  What are the differences between
> > the parts?
>
> The administration pages are protected by a login page. Each page has a
> Macromedia "restrict user" script which checks to se if the user is
> logged in.

Hmm, I don't know anything about that (I stay away from proprietary
frameworks), but it sounds like it could be the problem.

> > The error you're getting indicates that the DB connection URL used by
> > that part of the web app is wrong.  I doubt it's a file permissions
> > error at all.
>
> The connection details are in Connection/name.jsp and this is included
> in the page on the fly. e.g.
>
> <%@ include file="Connections/frac.jsp" %>
> <%
> Driver Driverdocumentation =
> (Driver)Class.forName(MM_frac_DRIVER).newInstance();
> Connection Conndocumentation =
> DriverManager.getConnection(MM_frac_STRING,MM_frac_USERNAME,MM_frac_PASSWORD);

Hmm, what are the contents of 'frac.jsp'?

> I can see your point about the connection URL but it is only in one
> place for the whole app. Not being able to connect at all seems logical
> in this case...
>
> It seems that the login part is not working i.e. the request to the
> password table is failing. tony, postgres and tomcat4 are all database
> users, tony owns the database.

If it was a problem with table permissions, you wouldn't be getting
"connection refused", you'd be getting "permission denied".

"Connection refused" has a very specific meaning--you are trying to
connect to a port that no server is listening on.

-Doug
--
Let us cross over the river, and rest under the shade of the trees.
   --T. J. Jackson, 1863

Re: permissions

From
tony
Date:
On Sat, 2002-02-23 at 18:21, Doug McNaught wrote:


> Hmm, what are the contents of 'frac.jsp'?

It contains the org.postgresql.Driver jdbc:postgresql://host/database
user and password information that would normally be in the header of
each page.

I saw a message go by that spoke of the org.postgresql.Driver bit being
changed for jdk 1.4. Is that the case?

As I set up my developpment server I changed the host details to the IP
of my test machine. Otherwise this app is running on the clients server
with no problems...

Thanks

Tony

--
RedHat Linux on Sony Vaio C1XD/S
http://www.animaproductions.com/linux2.html
Macromedia UltraDev with PostgreSQL
http://www.animaproductions.com/ultra.html


Re: permissions

From
Doug McNaught
Date:
tony <tony@animaproductions.com> writes:

> On Sat, 2002-02-23 at 18:21, Doug McNaught wrote:
>
>
> > Hmm, what are the contents of 'frac.jsp'?
>
> It contains the org.postgresql.Driver jdbc:postgresql://host/database
> user and password information that would normally be in the header of
> each page.
>
> I saw a message go by that spoke of the org.postgresql.Driver bit being
> changed for jdk 1.4. Is that the case?

I dunno--still running 1.3.1 everywhere.  I'm conservative.  ;)
Anyhow, if part of the app does connect to the database successfully,
that's not the problem.

> As I set up my developpment server I changed the host details to the IP
> of my test machine. Otherwise this app is running on the clients server
> with no problems...

I don't really have much more to offer.  I would suspect whatever
Macromedia thing you're using for authentication, just because it
seems to be the difference between the parts that work and those that
don't.

Good luck...

-Doug
--
Let us cross over the river, and rest under the shade of the trees.
   --T. J. Jackson, 1863