Как исправить Tomcat ПРЕДУПРЕЖДЕНИЕ. Была предпринята попытка аутентификации заблокированного пользователя?
Я использую Tomcat 7 для Spring и JPA Application, базу данных MySQL. Все работает нормально. Но иногда возникает проблема аутентификации realm.LockOutRealm. Я также использовал пул соединений в своем приложении, например:
persistence.xml:
<properties>
<property name="hibernate.connection.username" value="---"/>
<property name="hibernate.connection.driver_class" value="com.mysql.jdbc.Driver"/>
<property name="hibernate.connection.password" value="----------"/>
<property name="hibernate.connection.url" value="jdbc:mysql://----------?autoReconnect=true"/>
<!--Connection Pooling c3p0 configuration-->
<!--Minimum number of JDBC connections in the pool. Hibernate default: 1-->
<property name="hibernate.c3p0.min_size" value="5"/>
<!--Maximum number of JDBC connections in the pool. Hibernate default: 100-->
<property name="hibernate.c3p0.max_size" value="20"/>
<!--When an idle connection is removed from the pool (in second). Hibernate default: 0, never expire.-->
<property name="hibernate.c3p0.timeout" value="300"/>
<!--Number of prepared statements will be cached. Increase performance. Hibernate default: 0 , caching is disable.-->
<property name="hibernate.c3p0.max_statements" value="50"/>
<!--idle time in seconds before a connection is automatically validated. Hibernate default: 0-->
<property name="hibernate.c3p0.idle_test_period" value="300"/>
</properties>
и область в server.xml выглядит так:
<!-- Use the LockOutRealm to prevent attempts to guess user passwords
via a brute-force attack -->
<Realm className="org.apache.catalina.realm.LockOutRealm">
<!-- This Realm uses the UserDatabase configured in the global JNDI
resources under the key "UserDatabase". Any edits
that are performed against this UserDatabase are immediately
available for use by the Realm. -->
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
</Realm>
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true">
<!-- SingleSignOn valve, share authentication between web applications
Documentation at: /docs/config/valve.html -->
<!--
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
-->
Я ищу в сети, но не могу найти решение по этому поводу. есть ли кто-нибудь на атаку грубой силой, и если есть, то каково решение этого.
Ошибка входа в системуCatelina.out в это:
Mar 02, 2013 3:28:34 PM org.apache.catalina.realm.LockOutRealm authenticate
WARNING: An attempt was made to authenticate the locked user "tomcat"
Mar 02, 2013 3:29:49 PM org.apache.catalina.realm.LockOutRealm authenticate
WARNING: An attempt was made to authenticate the locked user "tomcat"
Mar 02, 2013 3:31:04 PM org.apache.catalina.realm.LockOutRealm authenticate
WARNING: An attempt was made to authenticate the locked user "tomcat"
Mar 02, 2013 3:37:25 PM org.apache.catalina.realm.LockOutRealm authenticate
WARNING: An attempt was made to authenticate the locked user "admin"
Mar 02, 2013 3:38:47 PM org.apache.catalina.realm.LockOutRealm authenticate
WARNING: An attempt was made to authenticate the locked user "admin"
Mar 02, 2013 3:39:58 PM org.apache.catalina.realm.LockOutRealm authenticate
WARNING: An attempt was made to authenticate the locked user "admin"
Mar 02, 2013 3:46:31 PM org.apache.catalina.realm.LockOutRealm authenticate
WARNING: An attempt was made to authenticate the locked user "coyote"
Mar 02, 2013 3:52:49 PM org.apache.catalina.realm.LockOutRealm authenticate
WARNING: An attempt was made to authenticate the locked user "manager"
Mar 02, 2013 3:59:03 PM org.apache.catalina.realm.LockOutRealm authenticate
WARNING: An attempt was made to authenticate the locked user "administrator"
Mar 02, 2013 4:06:38 PM org.apache.catalina.realm.LockOutRealm authenticate
WARNING: An attempt was made to authenticate the locked user "root"
Mar 02, 2013 4:07:52 PM org.apache.catalina.realm.LockOutRealm authenticate
WARNING: An attempt was made to authenticate the locked user "root"
Mar 02, 2013 4:09:17 PM org.apache.catalina.realm.LockOutRealm authenticate
WARNING: An attempt was made to authenticate the locked user "root"
Mar 02, 2013 4:10:35 PM org.apache.catalina.realm.LockOutRealm authenticate
WARNING: An attempt was made to authenticate the locked user "root"
Mar 02, 2013 4:11:47 PM org.apache.catalina.realm.LockOutRealm authenticate
WARNING: An attempt was made to authenticate the locked user "root"
Mar 02, 2013 4:13:02 PM org.apache.catalina.realm.LockOutRealm authenticate
WARNING: An attempt was made to authenticate the locked user "root"
Mar 02, 2013 4:14:17 PM org.apache.catalina.realm.LockOutRealm authenticate
WARNING: An attempt was made to authenticate the locked user "root"
Mar 02, 2013 4:15:34 PM org.apache.catalina.realm.LockOutRealm authenticate
WARNING: An attempt was made to authenticate the locked user "root"
> Hibernate: select
----------------------------------
javax.persistence.PersistenceException:
org.hibernate.exception.JDBCConnectionException: could not execute query
(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:525)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:409)
at com.mysql.jdbc.SQLError.createCommunicationsException(SQLError.java:1118)
at com.mysql.jdbc.MysqlIO.send(MysqlIO.java:3321)
at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:1940)
at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:2113)
at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2568)
at com.mysql.jdbc.PreparedStatement.executeInternal(PreparedStatement.java:2113)
at com.mysql.jdbc.PreparedStatement.executeQuery(PreparedStatement.java:2275)
at com.mchange.v2.c3p0.impl.NewProxyPreparedStatement.executeQuery(NewProxyPreparedStatement.java:116)
at org.hibernate.jdbc.AbstractBatcher.getResultSet(AbstractBatcher.java:186)
at org.hibernate.loader.Loader.getResultSet(Loader.java:1787)
at org.hibernate.loader.Loader.doQuery(Loader.java:674)
at org.hibernate.loader.Loader.doQueryAndInitializeNonLazyCollections(Loader.java:236)
at org.hibernate.loader.Loader.doList(Loader.java:2220)
... 39 more
Caused by: java.net.SocketException: Broken pipe