Urgent -- Need help configuring JNDI realm
Hi, I need help in configuring the JNDI Realm to connect to LDAP Server and authenticate users. Here are the details: CN=AUTH,OU=XYZ,OU=Application Managed,OU=Groups,DC=rma,DC=corp,DC=ABC,DC=com - *AUTH is the group in which i have to search if the user is a member of or not. All the members in this group are defined in OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com* ** This group has members who are defined in CN=User,OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com *I have set my JNDIRealm tag in server.xml as follows:* Realm className=org.apache.catalina.realm.JNDIRealm connectionName=CN=123,OU=Serv-Accts,OU=PAS,OU=Resrc,DC=rma,DC=corp,DC=ABC,DC=com connectionPassword=pwd connectionURL=ldap://hostname:port debug=99 *roleBase*=OU=XYZ,OU=Application Managed,OU=Groups,DC=rma,DC=corp,DC=ABC,DC=com *roleSubtree*=true *roleName*=cn *roleSearch*=CN=AUTH,OU=XYZ,OU=Application Managed,OU=Groups,DC=rma,DC=corp,DC=ABC,DC=com *userBase*=OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com *userSubtree*=true *userPattern*=CN={0},OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com/ *The web.xml is as follows:* ** security-constraint display-nameSecurity Constraint/display-name web-resource-collection web-resource-nameProtected Area/web-resource-name !-- Define the context-relative URL(s) to be protected -- url-pattern/*/url-pattern !-- If you list http methods, only those methods are protected -- /web-resource-collection auth-constraint !-- Anyone with one of the listed roles may access this area -- role-name*AUTH*/role-name /auth-constraint /security-constraint !-- Default login configuration uses form-based authentication -- login-config auth-methodFORM/auth-method realm-nameForm-Based Authentication Area/realm-name form-login-config form-login-page/Login.jsp/form-login-page form-error-page/error.jsp/form-error-page /form-login-config /login-config !-- Security roles referenced by this web application -- security-role role-name*AUTH*/role-name /security-role Any help is appreciated. Thanks, Savitha
Re: Urgent -- Need help configuring JNDI realm
On 13/09/2011 19:20, Savitha Akella wrote: Hi, Any help is appreciated. http://catb.org/~esr/faqs/smart-questions.html p signature.asc Description: OpenPGP digital signature
Re: Urgent -- Need help configuring JNDI realm
Savitha you forgot to mention what was the problem that you were having. Anyway, in your realm specification, for the connectionName you need to specify the actual name of the user (i.e. admin) that is able to log into the LDAP to do the lookup that you are interested in. connectionPassword is the password for that user/admin. Rudy On Tue, Sep 13, 2011 at 11:20 AM, Savitha Akella savitha.saraswa...@gmail.com wrote: Hi, I need help in configuring the JNDI Realm to connect to LDAP Server and authenticate users. Here are the details: CN=AUTH,OU=XYZ,OU=Application Managed,OU=Groups,DC=rma,DC=corp,DC=ABC,DC=com - *AUTH is the group in which i have to search if the user is a member of or not. All the members in this group are defined in OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com* ** This group has members who are defined in CN=User,OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com *I have set my JNDIRealm tag in server.xml as follows:* Realm className=org.apache.catalina.realm.JNDIRealm connectionName=CN=123,OU=Serv-Accts,OU=PAS,OU=Resrc,DC=rma,DC=corp,DC=ABC,DC=com connectionPassword=pwd connectionURL=ldap://hostname:port debug=99 *roleBase*=OU=XYZ,OU=Application Managed,OU=Groups,DC=rma,DC=corp,DC=ABC,DC=com *roleSubtree*=true *roleName*=cn *roleSearch*=CN=AUTH,OU=XYZ,OU=Application Managed,OU=Groups,DC=rma,DC=corp,DC=ABC,DC=com *userBase*=OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com *userSubtree*=true *userPattern*=CN={0},OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com/ *The web.xml is as follows:* ** security-constraint display-nameSecurity Constraint/display-name web-resource-collection web-resource-nameProtected Area/web-resource-name !-- Define the context-relative URL(s) to be protected -- url-pattern/*/url-pattern !-- If you list http methods, only those methods are protected -- /web-resource-collection auth-constraint !-- Anyone with one of the listed roles may access this area -- role-name*AUTH*/role-name /auth-constraint /security-constraint !-- Default login configuration uses form-based authentication -- login-config auth-methodFORM/auth-method realm-nameForm-Based Authentication Area/realm-name form-login-config form-login-page/Login.jsp/form-login-page form-error-page/error.jsp/form-error-page /form-login-config /login-config !-- Security roles referenced by this web application -- security-role role-name*AUTH*/role-name /security-role Any help is appreciated. Thanks, Savitha - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Urgent -- Need help configuring JNDI realm
Hi Rudy, Sorry that I missed out the problem. I can connect to the server but the authentication of a member in the group AUTH is failing inspite of giving proper credentials. May be I have not configured properly. Regards, Savitha On Tue, Sep 13, 2011 at 3:02 PM, Rudy Gireyev rgire...@gmail.com wrote: Savitha you forgot to mention what was the problem that you were having. Anyway, in your realm specification, for the connectionName you need to specify the actual name of the user (i.e. admin) that is able to log into the LDAP to do the lookup that you are interested in. connectionPassword is the password for that user/admin. Rudy On Tue, Sep 13, 2011 at 11:20 AM, Savitha Akella savitha.saraswa...@gmail.com wrote: Hi, I need help in configuring the JNDI Realm to connect to LDAP Server and authenticate users. Here are the details: CN=AUTH,OU=XYZ,OU=Application Managed,OU=Groups,DC=rma,DC=corp,DC=ABC,DC=com - *AUTH is the group in which i have to search if the user is a member of or not. All the members in this group are defined in OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com* ** This group has members who are defined in CN=User,OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com *I have set my JNDIRealm tag in server.xml as follows:* Realm className=org.apache.catalina.realm.JNDIRealm connectionName=CN=123,OU=Serv-Accts,OU=PAS,OU=Resrc,DC=rma,DC=corp,DC=ABC,DC=com connectionPassword=pwd connectionURL=ldap://hostname:port debug=99 *roleBase*=OU=XYZ,OU=Application Managed,OU=Groups,DC=rma,DC=corp,DC=ABC,DC=com *roleSubtree*=true *roleName*=cn *roleSearch*=CN=AUTH,OU=XYZ,OU=Application Managed,OU=Groups,DC=rma,DC=corp,DC=ABC,DC=com *userBase*=OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com *userSubtree*=true *userPattern*=CN={0},OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com/ *The web.xml is as follows:* ** security-constraint display-nameSecurity Constraint/display-name web-resource-collection web-resource-nameProtected Area/web-resource-name !-- Define the context-relative URL(s) to be protected -- url-pattern/*/url-pattern !-- If you list http methods, only those methods are protected -- /web-resource-collection auth-constraint !-- Anyone with one of the listed roles may access this area -- role-name*AUTH*/role-name /auth-constraint /security-constraint !-- Default login configuration uses form-based authentication -- login-config auth-methodFORM/auth-method realm-nameForm-Based Authentication Area/realm-name form-login-config form-login-page/Login.jsp/form-login-page form-error-page/error.jsp/form-error-page /form-login-config /login-config !-- Security roles referenced by this web application -- security-role role-name*AUTH*/role-name /security-role Any help is appreciated. Thanks, Savitha - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Urgent -- Need help configuring JNDI realm
Thanks for the link. On Tue, Sep 13, 2011 at 2:46 PM, Pid p...@pidster.com wrote: On 13/09/2011 19:20, Savitha Akella wrote: Hi, Any help is appreciated. http://catb.org/~esr/faqs/smart-questions.html p