Hi Folks,
Is it possible to authenticate in multiples userBase´s using JNDIRealm ?
I have a configuration as above:
Realm className=org.apache.catalina.realm.JNDIRealm debug=99
connectionURL=ldap://localhost:389;
userBase=ou=people,dc=mycompany,dc=com
userSearch
No, but code of JNDIRealm can be easily reused to create your own realm.
Le Vendredi 19 Août 2005 15:26, Rogerio Baldini das Neves a écrit :
Hi Folks,
Is it possible to authenticate in multiples userBase´s using JNDIRealm ?
I have a configuration as above:
Realm className
());
i++;
}
}
catch(Exception e){
}
Thanks for answers
Jabouille Jean Charles
- Original Message -
From: jean charles jabouille [EMAIL PROTECTED]
To: tomcat-user@jakarta.apache.org
Sent: Friday, March 11, 2005 10:48 AM
Subject: JNDIrealm Mbean
Hi,
I use
I answer to my questions...
try {
ObjectName JNDIRealm = new
ObjectName(Catalina:type=Realm,path=/DJLRWebapp,host=localhost);
List list = MBeanServerFactory.findMBeanServer(null);
MBeanServer server = (MBeanServer) list.iterator().next();
System.out.println(server.getAttribute
Hi,
I use Tomcat 5.5 and I created a JNDIRealm in the server.xml file. I d'like to
accede to the JNDIMean mbean but I can't find informations about source code
exemple. I saw this page that contains all Tomcat Mbean
http://jakarta.apache.org/tomcat/tomcat-5.5-doc/catalina/funcspecs/mbean
I wonder ive started a jndirealm and it works just fine against ldap. I have
no problem to login from a webbrowser (BASIC mode). But i want to login from
a Java client how do i do that ?
_
Chat: Ha en fest på Habbo Hotel
http
as an
http-request and then look at the http-response.
Regards
Roland Carlsson
Den 05-02-21 12.20, skrev bohldan bohldan [EMAIL PROTECTED]:
I wonder ive started a jndirealm and it works just fine against ldap. I have
no problem to login from a webbrowser (BASIC mode). But i want to login from
Hi,
I'm Trying to apply JNDIRealm to the LDAP structure, where each user
belong to some group (organizationalUnit):
dn: ou=Group1, o=myorg
objectclass: organizationalUnit
ou: Group1
dn: uid=user1, ou=Group1, o=myorg
objectclass: person
uid: user1
dn: ou=Group2, o=myorg
objectclass
in JNDIRealm
Hi!
After an hour of searching I can't figure out if Tomcat is able to find
groups in group in a LDAP server?
I found this in the archives but since it is from 4.1.18
http://www.mail-archive.com/tomcat-user@jakarta.apache.org/msg89601.html
Thanks in advance
Roland Carlsson
Hi!
After an hour of searching I can't figure out if Tomcat is able to find
groups in group in a LDAP server?
I found this in the archives but since it is from 4.1.18
http://www.mail-archive.com/tomcat-user@jakarta.apache.org/msg89601.html
Thanks in advance
Roland Carlsson
Hi List
I'm trying to connect Tomcat/5.0.28 to AD on Windows 2003. My problem is that
JNDIRealm fails to get role information, after successfully binding with the
users DN.
My temporary conclusion is that JNDIRealm fails to use the bound connection with
AD when performing the search for the role
Hello:
I have a problem with my JNDIRealm configuration in Tomcat 5.
I'm using the bind mode for authentication
My company have Microsoft Active Directory with two ou within ou=People
I configured the server.xml to connect to my ldap sucessfully but only to
one OU, i tried to put only ou=People
I'm trying configure one JNDIRealm asking to one Windows 2000 Active
Directory. In the examples in the web of jakarta I have seen examples over
openLdap. Can you help me in the configuration over Windows2000 AD. Has
somebody a production system or wep application using JNDIRealm vs Active
Unfortunately, the LDAP server is on Domino and the only guy who worked on
it quit.
And I don't know enough about Domino to access it's logs or figure out the
answers to the questions below.
Here's what is appearing in the Tomcat logs:
2004-08-11 10:43:23 JNDIRealm[deepa.myinfogenic.net
Hello!
My webapp is running on Tomcat 5.0.
I've been trying to set it up to use the LDAP server for authentication
without any luck.
Here are my entries in server.xml and web.xml respectively:
server.xml:
Host name=beepy.myinfogenic.net debug=0 appBase=webapps
unpackWARs=true
for Tomcat and the LDAP server? (Increase log verbosity on
both for the purposes of your test. You'd be surprised what gremlins
are lurking ;)
- does your LDAP directory have the proper attributes for user roles and
such?
- does the directory use a password hashing expected by JNDIRealm
Hello All,
I'm using JNDIRealm to authenticate users and it's working well.
In my java code, I need to retrieve roles associated with the
authenticated user.
Here is a sample of this code :
Subject s =
Subject.getSubject((AccessControlContext)System.getSecurityManager().getSecurityContext
to get Roles in a Principal with JNDIRealm
Hello All,
I'm using JNDIRealm to authenticate users and it's working well.
In my java code, I need to retrieve roles associated with the
authenticated user.
Here is a sample of this code :
Subject s =
Subject.getSubject
functionality of the application automatically depending on
their group membership (which is checked using method isUserInRole at
runtime).
It seems that the LDAP JNDIRealm of tomcat automatically performs an
authorisation for given groups after a successful user authentication
... Is this generally
in a bug report about that
ldaps matter :) If it has not already been done that is.
Regards,
Shane.
-Original Message-
From: Chong Yu Meng [mailto:[EMAIL PROTECTED]
Sent: Monday, 10 May 2004 11:53 AM
To: Tomcat Users List
Subject: Re: JNDIRealm strangeness
Hi Shane !
Thanks for your help
Message-
From: Chong Yu Meng [mailto:[EMAIL PROTECTED]
Sent: Friday, 7 May 2004 8:17 PM
To: Tomcat Users List
Subject: Re: JNDIRealm strangeness
Hi Shane !
Thanks for the description and advice! I managed to finally turn on
OpenLDAP logging (a pain in Fedora Core 1), and set the loglevel to 256
Hi Shane !
Thanks for your help! After experimenting over the weekend, I think that
this is probably a bug in the Tomcat code. I checked and corrected some
problems in my OpenLDAP setup, and verified that SSL/TLS connections can
be made successfully to it using ldapsearch. When I tried
Hi All !
I wonder if anyone has seen this anomaly, when following my instructions
on setting up a JNDIRealm, on my website
(http://cymulacrum.net/writings/adv_tomcat/c487.html). I wrote these
instructions after version 5.0.19 of Tomcat came out and fixed the
character encoding issue
:[EMAIL PROTECTED]
Sent: Friday, 7 May 2004 4:32 PM
To: Tomcat Users List
Subject: JNDIRealm strangeness
Hi All !
I wonder if anyone has seen this anomaly, when following my instructions
on setting up a JNDIRealm, on my website
(http://cymulacrum.net/writings/adv_tomcat/c487.html). I wrote
connection. But my JNDIRealm still works ! Users can still authenticate
successfully. Does the connection fallback to port 389 if a connection
on 636 is not possible?
Thanks for the help, Shane ! If you have any further suggestions, I
would really appreciate it !
Regards,
pascal chong
Shane Linley
Hello All,
I searched the archive but have not seen a situation like mine.
I am in the process of upgrading to tomcat 5.0.16 from 4.1.29.
I'm happy to say that my webapp seems to be running fine under tomcat 5
with one important exception. My configured JNDIRealm seems to be
failing. The main
Is there a flag you can you in the Realm decleration portion of server.xml
that turns off the RFC2254 encoding in the JNDI Realm. Upgrading my ldap
server is low on my list of things I'd like to do soon.
I use this currently
Realm className=org.apache.catalina.realm.JNDIRealm
Hi All,
I have a configuration that is not covered in the JNDIRealm HOWTO, and
was wondering if someone else has tried this before :
I am using OpenLDAP 2.1.22 on Red Hat 9. For the DN, I am using the CN
instead of the UID (i.e., dn: cn=Zhu De,ou=People,o=Cymulacrum instead
of uid=zhude,ou
={0})
roleSubtree=true
connectionName=cn=appadmin,o=company,c=DE
connectionPassword=password
/
When testing it with a working user/pass combination I get:
2003-11-26 21:17:29 JNDIRealm[Standalone]: lookupUser(jheid)
2003-11-26 21:17:29 JNDIRealm[Standalone]:
dn=uid=jheid,ou
It looks like one of you attributes is missing (i.e. null). Do you have
a role associated with the username? I'm also having problems with
JNDIRealm -- I can't get it working ! Going to check if it is because
I'm missing some libraries.
Regards,
pascal chong
Jörn Heid wrote:
I have
Ok, why?
What am I doing that should cause a stack overflow?
Justin
-Original Message-
From: Tim Funk [mailto:[EMAIL PROTECTED]
Sent: Monday, November 24, 2003 7:26 PM
To: Tomcat Users List
Subject: Re: Extending JNDIRealm
Odd, based on what I see so far, I would expect it to crash
Based on what I saw so far ...
In JNDIRealm authenticate(String, String) gets a DirContext and calls
authenticate(DirContext, String, String).
Your code snippet which I assume overrides, authenticate(DirContext, String,
String) which calls super.authenticate(String, String
I *cough* didn't download the JNDIRealm code. I'll go look into that.
Justin
-Original Message-
From: Tim Funk [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 25, 2003 9:28 AM
To: Tomcat Users List
Subject: Re: Extending JNDIRealm
Based on what I saw so far ...
In JNDIRealm
Wait, reading the stack trace doesn't show anything like that.
No, that can't be the issue.
Justin
-Original Message-
From: Hart, Justin
Sent: Tuesday, November 25, 2003 9:30 AM
To: Tomcat Users List
Subject: RE: Extending JNDIRealm
I *cough* didn't download the JNDIRealm code. I'll
Read through the code, ran some example stuff. What I'm doing in my implementation is
fine.
Justin
-Original Message-
From: Hart, Justin
Sent: Tuesday, November 25, 2003 9:31 AM
To: Tomcat Users List
Subject: RE: Extending JNDIRealm
Wait, reading the stack trace doesn't show
Ok, for those interested, here's the real issue.
At some point in time (I don't know enough about tomcat to know when or why), before
it Tomcat has your username (at least with my config files, but it looks common since
JNDIRealm is checking for it too), authenticate is called with a null
No sure what's going on with this code... I'm attempting to extend JNDIRealm so I can
add a few features I need for my site, I have an interesting issue, however.
If, I try this :
public Principal authenticate(DirContext context, String username, String
credentials) throws NamingException
Whoops, the code is actually as follows...
No sure what's going on with this code... I'm attempting to extend JNDIRealm so I can
add a few features I need for my site, I have an interesting issue, however.
If, I try this :
public Principal authenticate(DirContext context, String username
Odd, based on what I see so far, I would expect it to crash with a
StackOverFlow exception.
-Tim
Hart, Justin wrote:
Whoops, the code is actually as follows...
No sure what's going on with this code... I'm attempting to extend JNDIRealm so I can add a few features I need for my site, I have
PROTECTED]
Sent: Wednesday, November 05, 2003 5:00 PM
To: Tomcat Users List
Subject: RE: JNDIRealm...more
Thanks for the pointer, I'll see about pointing to one of our 2 mail
servers. I wonder if they talk back and forth.
Also,
Do you know how I can extract the sign-ed on user's user-id once
List
Subject: RE: JNDIRealm...more
getRemoteUser(), if your familiar with jsp's then you'll know how to use
it. Unfortunately I don't, but I guess that is why we have web
application developers on staff. :-)
Dean Searle
Computing Oasis
989.245.7369 (p)
989.921.3904 (f)
-Original Message
I can use that. Thanks.
Robyne
-Original Message-
From: Dean Searle [mailto:[EMAIL PROTECTED]
Sent: Thursday, November 06, 2003 5:58 AM
To: Tomcat Users List
Subject: RE: JNDIRealm...more
getRemoteUser(), if your familiar with jsp's then you'll know how to use
it. Unfortunately I
Bill Barker wrote:
Speaking only for myself, it is because of the dependencies on sun.**
classes (so it won't work with e.g. IBM's JVM). Otherwise the patch looks
Ok. I just haven't had enough spare cycles to work out how to remove the
Sun dependancies.
Ah, yes i see, but this is true for
:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2003 9:48 PM
To: Tomcat Users List
Subject: RE: JNDIRealm...more
Hello,
I hope that I am not to late to post here. I have just returned to the
land of the living and have started to catch up on my reading. I noticed
that Robyne you were trying to find
specified?
Am I on the Right Track(tm) with all of this?
Justin
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Monday, November 03, 2003 4:16 PM
To: [EMAIL PROTECTED]
Subject: RE: JNDIRealm...more
Here's what I have..this works for mehope this helps
Ok, figured it out. For those who are curious (IE the handful of other people who've
been taking part in JNDIRealm threads on this list:
roleBase=OU=Users,OU=[Your OU from the userBase],DC=[Domain],DC=com
roleName=memberOf
roleSearch=(Whatever group all members allowed
Ok, more nifty questions from myself.
The format that the rest of the company uses for NT Authentication is
[domain].com\[username] in the username field, and then [pass] in the password field.
The NT Admins would really like if my application would do the same (so as not to
throw off users).
appreciation,
Robyne Vaughn
-Original Message-
From: Dean Searle [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2003 9:48 PM
To: Tomcat Users List
Subject: RE: JNDIRealm...more
Hello,
I hope that I am not to late to post here. I have just returned to the
land of the living
.
-Original Message-
From: Robyne Vaughn [mailto:[EMAIL PROTECTED]
Sent: Wed 11/5/2003 13:46
To: Tomcat Users List
Cc:
Subject:RE: JNDIRealm...more
Dean!
Mine works!
A thousand thanks!
I hope I can return the favor some time.
Your nice explanation helped.
I did
: Wednesday, November 05, 2003 2:06 PM
To: Tomcat Users List
Subject: RE: JNDIRealm...more
Great to hear that information worked for you. I included the
alternateURL in the event our primary AD went down for one reason or
another and our users could still access the password protected sites.
Without
PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Monday, November 03, 2003 4:16 PM
To: [EMAIL PROTECTED]
Subject: RE: JNDIRealm...more
Here's what I have..this works for mehope this helps
Realm className=org.apache.catalina.realm.JNDIRealm
debug=99
different values for OU?
Any help would be appreciated.
Thanks,
rob
-Original Message-
From: Hart, Justin [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2003 9:13 AM
To: Tomcat Users List
Subject: RE: JNDIRealm...more
I just got it working...
A million thank yous! I didn't really
, November 04, 2003 11:14 AM
To: Tomcat Users List
Subject: RE: JNDIRealm...more
1) In terms of active directory, the roleSearch, in this case, would be
a group that the person logging in needs to be a member of. In terms of
mine, it would be the ALL mailing list for my company. What you need
I used * as my role-name.
Justin
-Original Message-
From: Robyne Vaughn [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2003 12:38 PM
To: Tomcat Users List
Subject: RE: JNDIRealm...more
Justin,
I REALLY appreciate your help. I've been stuck for a while.
I believe that Users
: JNDIRealm...more
I used * as my role-name.
Justin
-Original Message-
From: Robyne Vaughn [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2003 12:38 PM
To: Tomcat Users List
Subject: RE: JNDIRealm...more
Justin,
I REALLY appreciate your help. I've been stuck for a while.
I believe
Message-
From: Hart, Justin [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2003 11:40 AM
To: Tomcat Users List
Subject: RE: JNDIRealm...more
Oh, for the AD LDAP, I've been using the programs that came with Active
Directory. There is also an ldp.exe, I dunno where that came from
Good luck.
-Original Message-
From: Robyne Vaughn [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2003 1:07 PM
To: Tomcat Users List
Subject: RE: JNDIRealm...more
Thanks, Justin,
You've given me some good pointers. I guess I'll do some more hammering
and snooping.
Our AD
Thanks.
-Original Message-
From: Hart, Justin [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2003 12:10 PM
To: Tomcat Users List
Subject: RE: JNDIRealm...more
Good luck.
-Original Message-
From: Robyne Vaughn [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2003 1
: JNDIRealm...more
Thanks.
-Original Message-
From: Hart, Justin [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2003 12:10 PM
To: Tomcat Users List
Subject: RE: JNDIRealm...more
Good luck.
-Original Message-
From: Robyne Vaughn [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November
Does anybody have an example JDNIRealm configuration (server.xml web.xml). I feel
like I'm just taking stabs in the dark with these files... Currently I can get it to
pop up a window and ask for your username/password. I use my NT username and password
and it rejects them. I think that I
Realm className=org.apache.catalina.realm.JNDIRealm
connectionURL=ldap://[Windows 2000 Domain Controller]:389
userBase=CN=Users,dc=[domain name],dc=com
userSearch=(userPrincipalName={0})
userRoleName=member
roleBase=CN=Users,dc=[domain name],dc=com
roleName=cn
roleSearch=(member={0})
My server.xml now looks like this :
Realm className=org.apache.catalina.realm.JNDIRealm debug=99
connectionURL=A good active directory server
userBase=dc=MY DOMAIN NAME,dc=com
userRoleName=member
roleName=cn
connectionPassword=[password]
roleSubtree=true
userSubtree=true/
-Original Message-
From: Hart, Justin [mailto:[EMAIL PROTECTED]
Sent: Monday, November 03, 2003 12:57 PM
To: Tomcat Users List
Subject: JNDIRealm...more
My server.xml now looks
: RE: JNDIRealm...more
Here's what I have..this works for mehope this helps
Realm className=org.apache.catalina.realm.JNDIRealm
debug=99
connectionURL=ldap://[domain controller]:389
userBase=OU=Users,OU=[My OU],DC=[Domain],DC=com
, November 03, 2003 4:18 PM
To: Tomcat Users List
Subject: RE: JNDIRealm...more
Is there a way to do this without the admin password in the file?
What is sAMAccountName?
Also, not terribly versed in LDAP, what is My OU?
Justin
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL
PROTECTED]
Subject: RE: JNDIRealm...more
You don't need the admin password, you do need a domain account the has read
permissions.just about any account will do thiscreate a test
account.and use that instead of the admin account..
-Original Message-
From: Hart, Justin
error:
2003-07-28 09:40:49 JNDIRealm[Standalone]: Connecting to URL
ldaps://10.1.1.50:636
2003-07-28 09:40:50 JNDIRealm[Standalone]: Exception performing
authentication
javax.naming.CommunicationException: simple bind failed: 10.1.1.50:636
[Root exception is javax.net.ssl.SSLException: Connection
http://jakarta.apache.org/site/cvsindex.html
JNDIRealm is jakarta-tomcat-catalina for tomcat5,
jakarta-tomcat-4.0/catalina/ for tomcat4
I recommend more exploration before accepting an error code2 as a valid
login. Its a kluge around the MS's ldap implementation and such a kluge
probably
Hi,
I am using tomcat 4.1.27, Java sdk-1.4.1_02 and JNDIRealm to use the Micro$oft
Site Server service to authenticate our webapps.
I get an error code 2 exception (Protocol Error) only when the user and the
password is right. That is to say, when an OK is expected. I am thinking
about modify
Hi
I have tried different different options but cannot get the LDAP authentication to
work in my application.
Following is what i am using.
Tomcat: 4.1.27-LE-jdk14
Apache: 2.0.47
Java : 1.4.2
Linux OS: 7.3
LDAP : IPlanet LDAP Server.
1) In this regard i have
Hi
I am using the following
Tomcat: 4.1.27-LE-jdk14
Apache: 2.0.47
Java : 1.4.2
Linux OS: 7.3
iPlanet LDAP Server
I am trying to configure LDAP authentication mechanism to my application.
1) In this regard i have downloaded the latest JNDI API and then copied the ldap.jar
file to
Hi
I am using the following
Tomcat: 4.1.27-LE-jdk14
Apache: 2.0.47
Java : 1.4.2
Linux OS: 7.3
I am trying to configure LDAP authentication mechanism to my application.
1) In this regard i have downloaded the latest JNDI API and then copied the ldap.jar
file to $CATALINA_HOME/server/lib
In a servlet I would like to access the same JNDIRealm directory server
context that is used during BASIC authentication. Is it possible to
configure the jndirealm as a resource link for the servlet context?
I *can* make an Application super user to establish a DirContext , but
wanted to use
Adam Sherman writes:
2003-07-27 13:44:06 JNDIRealm[Standalone]: validating credentials by
binding as the user
2003-07-27 13:44:06 JNDIRealm[Standalone]: binding as
uid=adam,ou=People,dc=tritus,dc=ca
2003-07-27 13:44:06 JNDIRealm[Standalone]: bind attempt failed
JNDIRealm is attempting
-27 13:44:06 JNDIRealm[Standalone]: validating credentials by
binding as the user
2003-07-27 13:44:06 JNDIRealm[Standalone]: binding as
uid=adam,ou=People,dc=tritus,dc=ca
2003-07-27 13:44:06 JNDIRealm[Standalone]: bind attempt failed
JNDIRealm is attempting to bind as 'uid=adam,ou=People,dc
Is 'mail' the naming value?
This means, if you export to an ldif file you should find a line
dn: [EMAIL PROTECTED],ou=People,dc=tritus,dc=ca
Hayo Schmidt
Adam Sherman schrieb:
I am trying to get JNDIRealm to authenticate against my LDAP tree:
Realm className
Is 'mail' the naming value?
This means, if you export to an ldif file you should find a line
dn: [EMAIL PROTECTED],ou=People,dc=tritus,dc=ca
Hayo Schmidt
Adam Sherman schrieb:
I am trying to get JNDIRealm to authenticate against my LDAP tree:
Realm className
Does anyone have any experience getting ldaps working w/ the JDNIRealms in
Tomcat 4.1.24? Regular LDAP is working fine, but when I change the connection
URL to ldaps://ldap-host:636 I get the following error:
2003-07-28 09:40:49 JNDIRealm[Standalone]: Connecting to URL ldaps://10.1.1.50:636
:
2003-07-28 09:40:49 JNDIRealm[Standalone]: Connecting to URL
ldaps://10.1.1.50:636
2003-07-28 09:40:50 JNDIRealm[Standalone]: Exception performing
authentication
javax.naming.CommunicationException: simple bind failed: 10.1.1.50:636
[Root
exception is javax.net.ssl.SSLException: Connection has been
Jeff Tulley wrote:
We've done exactly that. What you need to do is import the root
certificate into a .keystore file. I'm not sure if Tomcat will pick up
the default cacerts file, or if you always have to specify it like we
did (-Djavax.net.ssl.trustStore=sys:/adminsrv/conf/.keystore etc) My
I am trying to get JNDIRealm to authenticate against my LDAP tree:
Realm className=org.apache.catalina.realm.JNDIRealm
debug=200
connectionURL=ldap://localhost:389;
userBase=ou=People,dc=tritus,dc=ca
userSearch=(mail={0})
roleBase=ou=Groups,dc=tritus
Hi,
I have successfully setup JNDIRealm for FORM based authentication and it is working
perfectly in Standalone Tomcat4.1.24. However, I am unable to do the same in
Tomcat4.1.24 bundled with JBoss. Could any body please help me out in setting up
JNDIRealm in Tomcat4.1.24 bundled with JBoss
of my code directly in an class
(say) JNDIRealmCert, and one could simply override an abstract certToUser
method.
I have tried to use CLIENT-CERT to authenticate the user for our
application. JNDIRealm do not support such authentication, so i have tried
to implement it. For our infrastructure my
I'm using Tomcat 4.1.24 (win32) and I have my JNDIRealm configured like so:
Realm className=org.apache.catalina.realm.JNDIRealm
debug=5
referrals=follow
connectionURL=ldap://vader.arbor.edu;
alternateURL=ldap://bsod.arbor.edu;
userBase
I figured it out. The credentials I was using the creation of the
InitialDirContext didn't have enough permissions (for some weird
reason). I got it to work when I used a different account.
Brad Handy
At 11:28 AM 6/6/2003, you wrote:
I'm using Tomcat 4.1.24 (win32) and I have my JNDIRealm
that is organized as follows:
dn: cn=user,ou=Groups,o=Canada,...
uniqueMember: cn=somecompany,ou=Groups,o=Canada,...
and
dn: cn=somecompany,ou=Groups,o=Canada,...
uniqueMember: uid=someuser,ou=People,o=Canada,...
My Tomcat(4.0.6) JNDIRealm configuration is as follows:
Realm className
using a JNDIRealm?
If you have multiple domains, I think your out of luck. If you run a
single active directory domain, you *might* be able to do
something like
this:
Realm className=org.apache.catalina.realm.JNDIRealm debug=99
connectionURL=ldap://need.morecowbell.com:389;
userBase
I'm looking for some assistance in setting up single-sign on with our
windows 2000 intranet and Tomcat using Windows Active Directory and a Tomcat
JINDIRealm and LDAP. What I'm essentially looking for is
HttpServletRequest.getRemoteUser() to return the username used to
authenticate to the Windows
If you have multiple domains, I think your out of luck. If you run a
single active directory domain, you *might* be able to do something like
this:
Realm className=org.apache.catalina.realm.JNDIRealm debug=99
connectionURL=ldap://need.morecowbell.com:389;
userBase=dc=more,dc=morecowbell,dc=com
Hi.
I have an application that it connects to a servlet and send it a set of
parameters through OutputStream. I have a JNDIRealm installed and when the
application connects to the servlet, my Realm can't to map these parameters
(with the client certificate) a none authenticate() method.
What
Hi...
I've making a JNDIRealm with LDAP access and I need to get the URL where
JNDIRealm is called. I've various security constraints and I would like to
distinguish the protected zones.
How I can to get the URL within of my own JNDIRealm
I've making my own JNDIRealm and my web application has various protected
zones. In my JNDIRealm I would like to retrieve the parameters from web.xml
(security-constraint subelements) related with the protected zones.
For example, in web.xml file I have the following lines:
security
Hi all.
I have making a JNDIRealm for LDAP connections (the JNDIRealm to have to
retrieve client certificates from LDAP). I would like to realize searches
only for Organization Unit (Organization and Country are fixed); though,
the client DN is CN - OU - OU - C (the root search for my LDAP
has succeeded other users can authenticate straight away -
until the next long period of inactivity. You may be able fix the
problem by disabling timeout on the directory server. (You don't say
which directory server you are using).
Really there should be an option for JNDIRealm to check whether
I have created a simple tomcat web app that uses a
JNDIRealm for authentication per the instructions in
the Tomcat 4.1 documentation. When I start tomcat,
the login process for this web app works fine for a
few minutes or logins.
Eventually, I reach a state where the first login
always fails
I have been able to successfully set up a JNDIRealm in tomcat for
authentication. Only problem is after about 12 (rough guess) I get
the dreaded black page instead of seeing my login form. The workaround
is to restart tomcat. Obviously, this won't work well for a always-on
service. Maybe
I apoligize for the false alarm.
My password had expired (arghh)
that is why the login process failed.
Back to the regularly scheduled program.
Vincent Stoessel wrote:
I have been able to successfully set up a JNDIRealm in tomcat for
authentication. Only problem is after about 12 (rough guess
Looks like you are using parentheses around the 0 rather than
brackets. That is probably why it is being passed literal rather than
being expanded.
---
Sorry to jump in on this discussion. But I think people with LDAP
experience are having a look on it.
Realm
Subject: JNDIRealm and 4.1.10 with iPlanet
I'm using Tomcat 4.1.10 trying to authenticate against iPlanet
Directory Server 5.0.
I've created a Realm inside of the Engine declaration:
Realm className=org.apache.catalina.realm.JNDIRealm
debug=999
connectionName=cn
=People, dc=my-company,
dc=com
/
I'm getting this in the log when I start Tomcat:
2002-09-23 11:09:49 JNDIRealm[Standalone]: Connecting to URL
ldap://192.168.90.120:11592
According to the documentation putting the Realm declaration in the
Engine section should make it used globally, but when I
1 - 100 of 163 matches
Mail list logo