Unfortunately, the LDAP server is on Domino and the only guy who worked on
it quit.
And I don't know enough about Domino to access it's logs or figure out the
answers to the questions below.
Here's what is appearing in the Tomcat logs:
2004-08-11 10:43:23 JNDIRealm[deepa.myinfogenic.net]:
lookupUser(dramamurthy)
2004-08-11 10:43:23 JNDIRealm[deepa.myinfogenic.net]: dn=O=Infogenic
2004-08-11 10:43:23 JNDIRealm[deepa.myinfogenic.net]: validating
credentials by binding as the user
2004-08-11 10:43:23 JNDIRealm[deepa.myinfogenic.net]: binding as
O=Infogenic
2004-08-11 10:43:23 JNDIRealm[deepa.myinfogenic.net]: bind attempt
failed
2004-08-11 10:43:23 JNDIRealm[deepa.myinfogenic.net]: Username dramamurthy
NOT successfully authenticated
I ran the sample GetattrsAll program on java.sun.com.
Here's what it returned:
[EMAIL PROTECTED] dramamurthy]$ java GetattrsAll
attribute: mail
value: [EMAIL PROTECTED]
attribute: uid
value: DRamamurthy
attribute: givenname
value: Deepa
attribute: objectclass
value: dominoPerson
value: inetOrgPerson
value: organizationalPerson
value: person
value: top
attribute: maildomain
value: Infogenic
attribute: mailserver
value: CN=Lexy,O=Infogenic
attribute: cn
value: Deepa Ramamurthy
Thanks.
Deepa
QM [EMAIL PROTECTED]
08/10/2004 07:44 PM
Please respond to Tomcat Users List
To: Tomcat Users List [EMAIL PROTECTED]
cc:
Subject:Re: Tomcat 5 and JNDIRealm
On Tue, Aug 10, 2004 at 03:52:16PM -0500, Deepa Ramamurthy wrote:
: My webapp is running on Tomcat 5.0.
: I've been trying to set it up to use the LDAP server for authentication
: without any luck.
Details, details:
- what do you experience when you try to login? What's in the logs,
both for Tomcat and the LDAP server? (Increase log verbosity on
both for the purposes of your test. You'd be surprised what gremlins
are lurking ;)
- does your LDAP directory have the proper attributes for user roles and
such?
- does the directory use a password hashing expected by JNDIRealm)?
- have you tried running LDAP queries using the roleSearch criteria
specified in the Realm/ element?
Providing the server.xml and web.xml was a good start, but we'll need
more info.
-QM
--
software -- http://www.brandxdev.net
tech news -- http://www.RoarNetworX.com
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]