Urgent -- Need help configuring JNDI realm
Hi,
I need help in configuring the JNDI Realm to connect to LDAP Server and
authenticate users. Here are the details:
CN=AUTH,OU=XYZ,OU=Application
Managed,OU=Groups,DC=rma,DC=corp,DC=ABC,DC=com - *AUTH is the group in which
i have to search if the user is a member of or not. All the members in this
group are defined in OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com*
**
This group has members who are defined in
CN=User,OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com
*I have set my JNDIRealm tag in server.xml as follows:*
Realm className=org.apache.catalina.realm.JNDIRealm
connectionName=CN=123,OU=Serv-Accts,OU=PAS,OU=Resrc,DC=rma,DC=corp,DC=ABC,DC=com
connectionPassword=pwd
connectionURL=ldap://hostname:port debug=99
*roleBase*=OU=XYZ,OU=Application
Managed,OU=Groups,DC=rma,DC=corp,DC=ABC,DC=com
*roleSubtree*=true
*roleName*=cn
*roleSearch*=CN=AUTH,OU=XYZ,OU=Application
Managed,OU=Groups,DC=rma,DC=corp,DC=ABC,DC=com
*userBase*=OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com
*userSubtree*=true
*userPattern*=CN={0},OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com/
*The web.xml is as follows:*
**
security-constraint
display-nameSecurity Constraint/display-name
web-resource-collection
web-resource-nameProtected Area/web-resource-name
!-- Define the context-relative URL(s) to be protected --
url-pattern/*/url-pattern
!-- If you list http methods, only those methods are protected --
/web-resource-collection
auth-constraint
!-- Anyone with one of the listed roles may access this area --
role-name*AUTH*/role-name
/auth-constraint
/security-constraint
!-- Default login configuration uses form-based authentication --
login-config
auth-methodFORM/auth-method
realm-nameForm-Based Authentication Area/realm-name
form-login-config
form-login-page/Login.jsp/form-login-page
form-error-page/error.jsp/form-error-page
/form-login-config
/login-config
!-- Security roles referenced by this web application --
security-role
role-name*AUTH*/role-name
/security-role
Any help is appreciated.
Thanks,
Savitha
Re: Urgent -- Need help configuring JNDI realm
On 13/09/2011 19:20, Savitha Akella wrote: Hi, Any help is appreciated. http://catb.org/~esr/faqs/smart-questions.html p signature.asc Description: OpenPGP digital signature
Re: Urgent -- Need help configuring JNDI realm
Savitha you forgot to mention what was the problem that you were having.
Anyway, in your realm specification, for the connectionName you need
to specify the actual name of the user (i.e. admin) that is able to
log into the LDAP to do the lookup that you are interested in.
connectionPassword is the password for that user/admin.
Rudy
On Tue, Sep 13, 2011 at 11:20 AM, Savitha Akella
savitha.saraswa...@gmail.com wrote:
Hi,
I need help in configuring the JNDI Realm to connect to LDAP Server and
authenticate users. Here are the details:
CN=AUTH,OU=XYZ,OU=Application
Managed,OU=Groups,DC=rma,DC=corp,DC=ABC,DC=com - *AUTH is the group in which
i have to search if the user is a member of or not. All the members in this
group are defined in OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com*
**
This group has members who are defined in
CN=User,OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com
*I have set my JNDIRealm tag in server.xml as follows:*
Realm className=org.apache.catalina.realm.JNDIRealm
connectionName=CN=123,OU=Serv-Accts,OU=PAS,OU=Resrc,DC=rma,DC=corp,DC=ABC,DC=com
connectionPassword=pwd
connectionURL=ldap://hostname:port debug=99
*roleBase*=OU=XYZ,OU=Application
Managed,OU=Groups,DC=rma,DC=corp,DC=ABC,DC=com
*roleSubtree*=true
*roleName*=cn
*roleSearch*=CN=AUTH,OU=XYZ,OU=Application
Managed,OU=Groups,DC=rma,DC=corp,DC=ABC,DC=com
*userBase*=OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com
*userSubtree*=true
*userPattern*=CN={0},OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com/
*The web.xml is as follows:*
**
security-constraint
display-nameSecurity Constraint/display-name
web-resource-collection
web-resource-nameProtected Area/web-resource-name
!-- Define the context-relative URL(s) to be protected --
url-pattern/*/url-pattern
!-- If you list http methods, only those methods are protected --
/web-resource-collection
auth-constraint
!-- Anyone with one of the listed roles may access this area --
role-name*AUTH*/role-name
/auth-constraint
/security-constraint
!-- Default login configuration uses form-based authentication --
login-config
auth-methodFORM/auth-method
realm-nameForm-Based Authentication Area/realm-name
form-login-config
form-login-page/Login.jsp/form-login-page
form-error-page/error.jsp/form-error-page
/form-login-config
/login-config
!-- Security roles referenced by this web application --
security-role
role-name*AUTH*/role-name
/security-role
Any help is appreciated.
Thanks,
Savitha
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Urgent -- Need help configuring JNDI realm
Hi Rudy,
Sorry that I missed out the problem. I can connect to the server but the
authentication of a member in the group AUTH is failing inspite of giving
proper credentials.
May be I have not configured properly.
Regards,
Savitha
On Tue, Sep 13, 2011 at 3:02 PM, Rudy Gireyev rgire...@gmail.com wrote:
Savitha you forgot to mention what was the problem that you were having.
Anyway, in your realm specification, for the connectionName you need
to specify the actual name of the user (i.e. admin) that is able to
log into the LDAP to do the lookup that you are interested in.
connectionPassword is the password for that user/admin.
Rudy
On Tue, Sep 13, 2011 at 11:20 AM, Savitha Akella
savitha.saraswa...@gmail.com wrote:
Hi,
I need help in configuring the JNDI Realm to connect to LDAP Server and
authenticate users. Here are the details:
CN=AUTH,OU=XYZ,OU=Application
Managed,OU=Groups,DC=rma,DC=corp,DC=ABC,DC=com - *AUTH is the group in
which
i have to search if the user is a member of or not. All the members in
this
group are defined in OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com*
**
This group has members who are defined in
CN=User,OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com
*I have set my JNDIRealm tag in server.xml as follows:*
Realm className=org.apache.catalina.realm.JNDIRealm
connectionName=CN=123,OU=Serv-Accts,OU=PAS,OU=Resrc,DC=rma,DC=corp,DC=ABC,DC=com
connectionPassword=pwd
connectionURL=ldap://hostname:port debug=99
*roleBase*=OU=XYZ,OU=Application
Managed,OU=Groups,DC=rma,DC=corp,DC=ABC,DC=com
*roleSubtree*=true
*roleName*=cn
*roleSearch*=CN=AUTH,OU=XYZ,OU=Application
Managed,OU=Groups,DC=rma,DC=corp,DC=ABC,DC=com
*userBase*=OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com
*userSubtree*=true
*userPattern*=CN={0},OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com/
*The web.xml is as follows:*
**
security-constraint
display-nameSecurity Constraint/display-name
web-resource-collection
web-resource-nameProtected Area/web-resource-name
!-- Define the context-relative URL(s) to be protected --
url-pattern/*/url-pattern
!-- If you list http methods, only those methods are protected --
/web-resource-collection
auth-constraint
!-- Anyone with one of the listed roles may access this area --
role-name*AUTH*/role-name
/auth-constraint
/security-constraint
!-- Default login configuration uses form-based authentication --
login-config
auth-methodFORM/auth-method
realm-nameForm-Based Authentication Area/realm-name
form-login-config
form-login-page/Login.jsp/form-login-page
form-error-page/error.jsp/form-error-page
/form-login-config
/login-config
!-- Security roles referenced by this web application --
security-role
role-name*AUTH*/role-name
/security-role
Any help is appreciated.
Thanks,
Savitha
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Urgent -- Need help configuring JNDI realm
Thanks for the link. On Tue, Sep 13, 2011 at 2:46 PM, Pid p...@pidster.com wrote: On 13/09/2011 19:20, Savitha Akella wrote: Hi, Any help is appreciated. http://catb.org/~esr/faqs/smart-questions.html p
