Tomcat을 수정하는 방법 경고 : 잠긴 사용자를 인증하려고 시도 했습니까?

Question

저는 Spring과 JPA Application, database MySQL에 Tomcat 7을 사용하고 있습니다. 모든 것이 잘 작동하지만 언젠가는 realm.LockOutRealm 인증 문제가 발생합니다. 나는 또한처럼 내 응용 프로그램에서 연결 풀링을 사용 :

의 persistence.xml :

<properties> 
     <property name="hibernate.connection.username" value="---"/> 
     <property name="hibernate.connection.driver_class" value="com.mysql.jdbc.Driver"/> 
     <property name="hibernate.connection.password" value="----------"/> 
     <property name="hibernate.connection.url" value="jdbc:mysql://----------?autoReconnect=true"/> 
     <!--Connection Pooling c3p0 configuration--> 
     <!--Minimum number of JDBC connections in the pool. Hibernate default: 1--> 
     <property name="hibernate.c3p0.min_size" value="5"/> 
     <!--Maximum number of JDBC connections in the pool. Hibernate default: 100--> 
     <property name="hibernate.c3p0.max_size" value="20"/> 
     <!--When an idle connection is removed from the pool (in second). Hibernate default: 0, never expire.--> 
     <property name="hibernate.c3p0.timeout" value="300"/> 
     <!--Number of prepared statements will be cached. Increase performance. Hibernate default: 0 , caching is disable.--> 
     <property name="hibernate.c3p0.max_statements" value="50"/> 
     <!--idle time in seconds before a connection is automatically validated. Hibernate default: 0--> 
     <property name="hibernate.c3p0.idle_test_period" value="300"/> 
</properties> 

및 server.xml의 영역이 보이는 같은 : 나는 인터넷에서 검색

<!-- Use the LockOutRealm to prevent attempts to guess user passwords 
      via a brute-force attack --> 
     <Realm className="org.apache.catalina.realm.LockOutRealm"> 
     <!-- This Realm uses the UserDatabase configured in the global JNDI 
      resources under the key "UserDatabase". Any edits 
      that are performed against this UserDatabase are immediately 
      available for use by the Realm. --> 
     <Realm className="org.apache.catalina.realm.UserDatabaseRealm" 
       resourceName="UserDatabase"/> 
     </Realm> 

     <Host name="localhost" appBase="webapps" 
      unpackWARs="true" autoDeploy="true"> 

     <!-- SingleSignOn valve, share authentication between web applications 
      Documentation at: /docs/config/valve.html --> 
     <!-- 
     <Valve className="org.apache.catalina.authenticator.SingleSignOn" /> 
     --> 

하지만, 이것에 대한 해결책을 찾지 못했습니다. 무자비한 공격을당한 사람이 있고, 그 해결책이 무엇인지 알 수 있습니다. 에서 Catelina.out에서

오류 로그는 다음과 같습니다 위의

Mar 02, 2013 3:28:34 PM org.apache.catalina.realm.LockOutRealm authenticate 
WARNING: An attempt was made to authenticate the locked user "tomcat" 
Mar 02, 2013 3:29:49 PM org.apache.catalina.realm.LockOutRealm authenticate 
WARNING: An attempt was made to authenticate the locked user "tomcat" 
Mar 02, 2013 3:31:04 PM org.apache.catalina.realm.LockOutRealm authenticate 
WARNING: An attempt was made to authenticate the locked user "tomcat" 
Mar 02, 2013 3:37:25 PM org.apache.catalina.realm.LockOutRealm authenticate 
WARNING: An attempt was made to authenticate the locked user "admin" 
Mar 02, 2013 3:38:47 PM org.apache.catalina.realm.LockOutRealm authenticate 
WARNING: An attempt was made to authenticate the locked user "admin" 
Mar 02, 2013 3:39:58 PM org.apache.catalina.realm.LockOutRealm authenticate 
WARNING: An attempt was made to authenticate the locked user "admin" 
Mar 02, 2013 3:46:31 PM org.apache.catalina.realm.LockOutRealm authenticate 
WARNING: An attempt was made to authenticate the locked user "coyote" 
Mar 02, 2013 3:52:49 PM org.apache.catalina.realm.LockOutRealm authenticate 
WARNING: An attempt was made to authenticate the locked user "manager" 
Mar 02, 2013 3:59:03 PM org.apache.catalina.realm.LockOutRealm authenticate 
WARNING: An attempt was made to authenticate the locked user "administrator" 
Mar 02, 2013 4:06:38 PM org.apache.catalina.realm.LockOutRealm authenticate 
WARNING: An attempt was made to authenticate the locked user "root" 
Mar 02, 2013 4:07:52 PM org.apache.catalina.realm.LockOutRealm authenticate 
WARNING: An attempt was made to authenticate the locked user "root" 
Mar 02, 2013 4:09:17 PM org.apache.catalina.realm.LockOutRealm authenticate 
WARNING: An attempt was made to authenticate the locked user "root" 
Mar 02, 2013 4:10:35 PM org.apache.catalina.realm.LockOutRealm authenticate 
WARNING: An attempt was made to authenticate the locked user "root" 
Mar 02, 2013 4:11:47 PM org.apache.catalina.realm.LockOutRealm authenticate 
WARNING: An attempt was made to authenticate the locked user "root" 
Mar 02, 2013 4:13:02 PM org.apache.catalina.realm.LockOutRealm authenticate 
WARNING: An attempt was made to authenticate the locked user "root" 
Mar 02, 2013 4:14:17 PM org.apache.catalina.realm.LockOutRealm authenticate 
WARNING: An attempt was made to authenticate the locked user "root" 
Mar 02, 2013 4:15:34 PM org.apache.catalina.realm.LockOutRealm authenticate 
WARNING: An attempt was made to authenticate the locked user "root" 

> Hibernate: select 

---------------------------------- 
javax.persistence.PersistenceException: 
org.hibernate.exception.JDBCConnectionException: could not execute query 

(DelegatingConstructorAccessorImpl.java:45) 
    at java.lang.reflect.Constructor.newInstance(Constructor.java:525) 
    at com.mysql.jdbc.Util.handleNewInstance(Util.java:409) 
    at com.mysql.jdbc.SQLError.createCommunicationsException(SQLError.java:1118) 
    at com.mysql.jdbc.MysqlIO.send(MysqlIO.java:3321) 
    at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:1940) 
    at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:2113) 
    at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2568) 
    at com.mysql.jdbc.PreparedStatement.executeInternal(PreparedStatement.java:2113) 
    at com.mysql.jdbc.PreparedStatement.executeQuery(PreparedStatement.java:2275) 
    at com.mchange.v2.c3p0.impl.NewProxyPreparedStatement.executeQuery(NewProxyPreparedStatement.java:116) 
    at org.hibernate.jdbc.AbstractBatcher.getResultSet(AbstractBatcher.java:186) 
    at org.hibernate.loader.Loader.getResultSet(Loader.java:1787) 
    at org.hibernate.loader.Loader.doQuery(Loader.java:674) 
    at org.hibernate.loader.Loader.doQueryAndInitializeNonLazyCollections(Loader.java:236) 
    at org.hibernate.loader.Loader.doList(Loader.java:2220) 
    ... 39 more 
Caused by: java.net.SocketException: Broken pipe 

Answer 1

경고 당신이 한 번 이상 바람둥이 많은 사용자를 인증하지 못하는 것을 의미한다. Tomcat은 사용자 tomcat에 대한 무차별 공격이라고 의심합니다.

응용 프로그램에서 사용하는 인증은 무엇입니까? 응용 프로그램의 web.xml에서 사용하는 로그인 구성은 무엇입니까?

resourceName "UserDatabase"의 기본 구성은 conf/tomcat-users.xml 파일입니다. resourceName "UserDatabase"의 구성을 변경 했습니까?

<Resource name="UserDatabase" auth="Container" 
       type="org.apache.catalina.UserDatabase" 
       description="User database that can be updated and saved" 
       factory="org.apache.catalina.users.MemoryUserDatabaseFactory" 
       pathname="conf/tomcat-users.xml" /> 

은 기본적으로 모든 사용자가 주석 :

당신은 server.xml 파일의 자원 사용자 데이터베이스의 구성을 찾을 수 있습니다. XML 파일에서 사용자와 함께 작업하려면 주석 처리를 제거해야합니다.

이에이기 때문에 :

는

Answer 2

_{(이 페이지에 16K 방문자에게}

마이클,

<tomcat-users> 
    <role rolename="tomcat"/> 
    <user username="tomcat" password="tomcat" roles="tomcat"/> 
</tomcat-users> 

감사합니다 : 그런 다음 사용자 바람둥이로 로그인 할 수 있습니다 그럼, 독자들이 개발자라고 가정합니다.)

이 오류는 잘못된 사용자/패스로 로그인하려고하는 스크립트/사용자가 있음을 나타냅니다. 이 문제를 간단하게 해결하려면 ApacheTomcat\conf\tomcat-users.xml 및 파일에 올바른 사용자/전달 쌍을 추가하고 서버를 다시 시작하십시오..

역할이 올바르게 설정되어 있는지 확인하십시오. 예 : .

<?xml version='1.0' encoding='utf-8'?> 
<tomcat-users> 
    <role rolename="manager-gui"/> 
    <user username="foobar" password="foobar" roles="tomcat,role1, manager-gui "/> 
</tomcat-users>