No, but code of JNDIRealm can be easily reused to create your own realm.
Le Vendredi 19 Août 2005 15:26, Rogerio Baldini das Neves a écrit :
> Hi Folks,
>
> Is it possible to authenticate in multiples userBase´s using JNDIRealm ?
>
> I have a configuration as above:
>
>
Hi Folks,
Is it possible to authenticate in multiples userBase´s using JNDIRealm ?
I have a configuration as above:
ldap://localhost:389";
userBase="ou=people,dc=mycompany,dc=com"
userSearch="(mail={0})"
userRoleName="memberOf&quo
I answer to my questions...
try {
ObjectName JNDIRealm = new
ObjectName("Catalina:type=Realm,path=/DJLRWebapp,host=localhost");
List list = MBeanServerFactory.findMBeanServer(null);
MBeanServer server = (MBeanServer) list.iterator().next();
System.out.println(server.ge
BeanInfo(timer).getAttributes()[i].getName());
i++;
}
}
catch(Exception e){
}
Thanks for answers
Jabouille Jean Charles
- Original Message -
From: "jean charles jabouille" <[EMAIL PROTECTED]>
To:
Sent: Friday, March 11, 2005 10:48 AM
Subject: JNDIr
Hi,
I use Tomcat 5.5 and I created a JNDIRealm in the server.xml file. I d'like to
accede to the JNDIMean mbean but I can't find informations about source code
exemple. I saw this page that contains all Tomcat Mbean
http://jakarta.apache.org/tomcat/tomcat-5.5-doc/catalina/funcs
http-request and then look at the http-response.
Regards
Roland Carlsson
Den 05-02-21 12.20, skrev "bohldan bohldan" <[EMAIL PROTECTED]>:
> I wonder ive started a jndirealm and it works just fine against ldap. I have
> no problem to login from a webbrowser (BASIC mode). Bu
I wonder ive started a jndirealm and it works just fine against ldap. I have
no problem to login from a webbrowser (BASIC mode). But i want to login from
a Java client how do i do that ?
_
Chat: Ha en fest på Habbo Hotel
http
Hi,
I'm Trying to apply JNDIRealm to the LDAP structure, where each user
belong to some group (organizationalUnit):
dn: ou=Group1, o=myorg
objectclass: organizationalUnit
ou: Group1
dn: uid=user1, ou=Group1, o=myorg
objectclass: person
uid: user1
dn: ou=Group2, o=myorg
object
t;CN"
roleSearch="(member={0})"
roleSubtree="true"/>
/>
Thank you very much in advance
Roland Carlsson
Från: Roland Carlsson <[EMAIL PROTECTED]>
Svara till: Tomcat Users List <[EMAIL PROTECTED]>
Datum: Wed, 17 Nov 2004 16:52:34 +0100
Till: T
Hi!
After an hour of searching I can't figure out if Tomcat is able to find
groups in group in a LDAP server?
I found this in the archives but since it is from 4.1.18
http://www.mail-archive.com/tomcat-user@jakarta.apache.org/msg89601.html
Thanks in advance
Roland Carlsson
--
Hi List
I'm trying to connect Tomcat/5.0.28 to AD on Windows 2003. My problem is that
JNDIRealm fails to get role information, after successfully binding with the
users DN.
My temporary conclusion is that JNDIRealm fails to use the bound connection with
AD when performing the search for the
Hello:
I have a problem with my JNDIRealm configuration in Tomcat 5.
I'm using the bind mode for authentication
My company have Microsoft Active Directory with two ou within ou=People
I configured the server.xml to connect to my ldap sucessfully but only to
one OU, i tried to put only ou=Peop
I'm trying configure one JNDIRealm asking to one Windows 2000 Active
Directory. In the examples in the web of jakarta I have seen examples over
openLdap. Can you help me in the configuration over Windows2000 AD. Has
somebody a production system or wep application using JNDIRealm vs A
Unfortunately, the LDAP server is on Domino and the only guy who worked on
it quit.
And I don't know enough about Domino to access it's logs or figure out the
answers to the questions below.
Here's what is appearing in the Tomcat logs:
2004-08-11 10:43:23 JNDIRealm[deepa.
both for Tomcat and the LDAP server? (Increase log verbosity on
both for the purposes of your test. You'd be surprised what gremlins
are lurking ;)
- does your LDAP directory have the proper attributes for user roles and
such?
- does the directory use a password hashing expect
Hello!
My webapp is running on Tomcat 5.0.
I've been trying to set it up to use the LDAP server for authentication
without any luck.
Here are my entries in server.xml and web.xml respectively:
server.xml:
ldap://10.0.0.29:389";
roleBase="O=Infogenic"
userPatte
t; Subject: How to get Roles in a Principal with JNDIRealm
>
>Hello All,
>
>
> I'm using JNDIRealm to authenticate users and it's working well.
> In my java code, I need to retrieve roles associated with the
> authenticated user.
> Here is a sample of
Hello All,
I'm using JNDIRealm to authenticate users and it's working well.
In my java code, I need to retrieve roles associated with the
authenticated user.
Here is a sample of this code :
Subject s =
Subject.getSubject((AccessControlContext)System.getSecurityManager().getSecur
ional functionality of the application automatically depending on
their group membership (which is checked using method isUserInRole at
runtime).
It seems that the LDAP JNDIRealm of tomcat automatically performs an
authorisation for given groups after a successful user authentication
... Is this gene
to putting in a bug report about that
"ldaps" matter :) If it has not already been done that is.
Regards,
Shane.
-Original Message-
From: Chong Yu Meng [mailto:[EMAIL PROTECTED]
Sent: Monday, 10 May 2004 11:53 AM
To: Tomcat Users List
Subject: Re: JNDIRealm strangeness
Hi Shan
Hi Shane !
Thanks for your help! After experimenting over the weekend, I think that
this is probably a bug in the Tomcat code. I checked and corrected some
problems in my OpenLDAP setup, and verified that SSL/TLS connections can
be made successfully to it using ldapsearch. When I tried starting
t!
:)
-Original Message-
From: Chong Yu Meng [mailto:[EMAIL PROTECTED]
Sent: Friday, 7 May 2004 8:17 PM
To: Tomcat Users List
Subject: Re: JNDIRealm strangeness
Hi Shane !
Thanks for the description and advice! I managed to finally turn on
OpenLDAP logging (a pain in Fedora Core 1), and set
ing wrong with my SSL/TLS
connection. But my JNDIRealm still works ! Users can still authenticate
successfully. Does the connection fallback to port 389 if a connection
on 636 is not possible?
Thanks for the help, Shane ! If you have any further suggestions, I
would really appreciate it !
Rega
-
From: Chong Yu Meng [mailto:[EMAIL PROTECTED]
Sent: Friday, 7 May 2004 4:32 PM
To: Tomcat Users List
Subject: JNDIRealm strangeness
Hi All !
I wonder if anyone has seen this anomaly, when following my instructions
on setting up a JNDIRealm, on my website
(http://cymulacrum.net/writings/adv_t
Hi All !
I wonder if anyone has seen this anomaly, when following my instructions
on setting up a JNDIRealm, on my website
(http://cymulacrum.net/writings/adv_tomcat/c487.html). I wrote these
instructions after version 5.0.19 of Tomcat came out and fixed the
character encoding issue in the
Hello All,
I searched the archive but have not seen a situation like mine.
I am in the process of upgrading to tomcat 5.0.16 from 4.1.29.
I'm happy to say that my webapp seems to be running fine under tomcat 5
with one important exception. My configured JNDIRealm seems to be
failing. The
Is there a flag you can you in the Realm decleration portion of server.xml
that turns off the RFC2254 encoding in the JNDI Realm. Upgrading my ldap
server is low on my list of things I'd like to do soon.
I use this currently
ldap://ldap0.our.domain.name";
roleName="cn"
Hi All,
I have a configuration that is not covered in the JNDIRealm HOWTO, and
was wondering if someone else has tried this before :
I am using OpenLDAP 2.1.22 on Red Hat 9. For the DN, I am using the CN
instead of the UID (i.e., dn: cn=Zhu De,ou=People,o=Cymulacrum instead
of uid=zhude,ou
It looks like one of you attributes is missing (i.e. null). Do you have
a role associated with the username? I'm also having problems with
JNDIRealm -- I can't get it working ! Going to check if it is because
I'm missing some libraries.
Regards,
pascal chong
Jörn Heid
Tomcat. I tested a lot of configurations. Here's one
of it:
When testing it with a working user/pass combination I get:
2003-11-26 21:17:29 JNDIRealm[Standalone]: lookupUser(jheid)
2003-11-26 21:17:29 JNDIRealm[Standalone]:
dn=uid=jheid,ou=People,o=,c=DE
2003-11-26 21:17:29 JNDIRealm[Standalone
Ok, for those interested, here's the real issue.
At some point in time (I don't know enough about tomcat to know when or why), before
it Tomcat has your username (at least with my config files, but it looks common since
JNDIRealm is checking for it too), authenticate is called w
Read through the code, ran some example stuff. What I'm doing in my implementation is
fine.
Justin
-Original Message-
From: Hart, Justin
Sent: Tuesday, November 25, 2003 9:31 AM
To: Tomcat Users List
Subject: RE: Extending JNDIRealm
Wait, reading the stack trace doesn&#
Wait, reading the stack trace doesn't show anything like that.
No, that can't be the issue.
Justin
-Original Message-
From: Hart, Justin
Sent: Tuesday, November 25, 2003 9:30 AM
To: Tomcat Users List
Subject: RE: Extending JNDIRealm
I *cough* didn't download the JNDIRe
I *cough* didn't download the JNDIRealm code. I'll go look into that.
Justin
-Original Message-
From: Tim Funk [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 25, 2003 9:28 AM
To: Tomcat Users List
Subject: Re: Extending JNDIRealm
Based on what I saw so far ...
In
Based on what I saw so far ...
In JNDIRealm authenticate(String, String) gets a DirContext and calls
authenticate(DirContext, String, String).
Your code snippet which I assume overrides, authenticate(DirContext, String,
String) which calls super.authenticate(String, String).
Then
Ok, why?
What am I doing that should cause a stack overflow?
Justin
-Original Message-
From: Tim Funk [mailto:[EMAIL PROTECTED]
Sent: Monday, November 24, 2003 7:26 PM
To: Tomcat Users List
Subject: Re: Extending JNDIRealm
Odd, based on what I see so far, I would expect it to crash
Odd, based on what I see so far, I would expect it to crash with a
StackOverFlow exception.
-Tim
Hart, Justin wrote:
Whoops, the code is actually as follows...
No sure what's going on with this code... I'm attempting to extend JNDIRealm so I can add a few features I need for my si
Whoops, the code is actually as follows...
No sure what's going on with this code... I'm attempting to extend JNDIRealm so I can
add a few features I need for my site, I have an interesting issue, however.
If, I try this :
public Principal authenticate(DirContext context, Strin
No sure what's going on with this code... I'm attempting to extend JNDIRealm so I can
add a few features I need for my site, I have an interesting issue, however.
If, I try this :
public Principal authenticate(DirContext context, String username, String
credentials) throws Namin
I can use that. Thanks.
Robyne
-Original Message-
From: Dean Searle [mailto:[EMAIL PROTECTED]
Sent: Thursday, November 06, 2003 5:58 AM
To: Tomcat Users List
Subject: RE: JNDIRealm...more
getRemoteUser(), if your familiar with jsp's then you'll know how to use
it. Unfor
List
Subject: RE: JNDIRealm...more
getRemoteUser(), if your familiar with jsp's then you'll know how to use
it. Unfortunately I don't, but I guess that is why we have web
application developers on staff. :-)
Dean Searle
Computing Oasis
989.245.7369 (p)
989.921.3904 (f)
-O
[mailto:[EMAIL PROTECTED]
Sent: Wednesday, November 05, 2003 5:00 PM
To: Tomcat Users List
Subject: RE: JNDIRealm...more
Thanks for the pointer, I'll see about pointing to one of our 2 mail
servers. I wonder if they "talk" back and forth.
Also,
Do you know how I can extract the
o:[EMAIL PROTECTED]
Sent: Wednesday, November 05, 2003 2:06 PM
To: Tomcat Users List
Subject: RE: JNDIRealm...more
Great to hear that information worked for you. I included the
alternateURL in the event our primary AD went down for one reason or
another and our users could still access the
.
-Original Message-
From: Robyne Vaughn [mailto:[EMAIL PROTECTED]
Sent: Wed 11/5/2003 13:46
To: Tomcat Users List
Cc:
Subject:RE: JNDIRealm...more
Dean!
Mine works!
A thousand thanks!
I hope I can return the favor some time.
Your nice explanation helped.
I did not
appreciation,
Robyne Vaughn
-Original Message-
From: Dean Searle [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2003 9:48 PM
To: Tomcat Users List
Subject: RE: JNDIRealm...more
Hello,
I hope that I am not to late to post here. I have just returned to the
land of the living and
Ok, more nifty questions from myself.
The format that the rest of the company uses for NT Authentication is
[domain].com\[username] in the username field, and then [pass] in the password field.
The NT Admins would really like if my application would do the same (so as not to
throw off users).
Ok, figured it out. For those who are curious (IE the handful of other people who've
been taking part in JNDIRealm threads on this list:
roleBase="OU=Users,OU=[Your OU from the userBase],DC=[Domain],DC=com"
roleName="memberOf"
roleSearch=&qu
eName="memberOf"
Will it take all of their roles, even with roleSearch specified?
Am I on the Right Track(tm) with all of this?
Justin
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Monday, November 03, 2003 4:16 PM
To: [EMAIL PROTECTED]
Subject: RE
le [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2003 9:48 PM
To: Tomcat Users List
Subject: RE: JNDIRealm...more
Hello,
I hope that I am not to late to post here. I have just returned to the
land of the living and have started to catch up on my reading. I noticed
that Robyne you were tryi
Bill Barker wrote:
Speaking only for myself, it is because of the dependencies on sun.**
classes (so it won't work with e.g. IBM's JVM). Otherwise the patch looks
Ok. I just haven't had enough spare cycles to work out how to remove the
Sun dependancies.
Ah, yes i see, but this is true for the
--> this is necessary to traverse the full AD
without knowing the user's base location.
I hope that this clears up some issues for you. Please let me know if I
can help you more.
Dean E. Searle
Computing Oasis
989.245.7369 (P)
989.921.3904 (F)
-Original Message-
From: Robyne V
Thanks.
-Original Message-
From: Hart, Justin [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2003 12:10 PM
To: Tomcat Users List
Subject: RE: JNDIRealm...more
Good luck.
-Original Message-
From: Robyne Vaughn [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2003 1
Good luck.
-Original Message-
From: Robyne Vaughn [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2003 1:07 PM
To: Tomcat Users List
Subject: RE: JNDIRealm...more
Thanks, Justin,
You've given me some good pointers. I guess I'll do some more hammering
and snooping.
Our
ight now, I'm still stuck
just figuring out where "all users" are.
-Original Message-
From: Hart, Justin [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2003 11:40 AM
To: Tomcat Users List
Subject: RE: JNDIRealm...more
Oh, for the AD LDAP, I've been using the programs tha
ubject: RE: JNDIRealm...more
I used * as my role-name.
Justin
-Original Message-
From: Robyne Vaughn [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2003 12:38 PM
To: Tomcat Users List
Subject: RE: JNDIRealm...more
Justin,
I REALLY appreciate your help. I've been stuck for a w
I used * as my role-name.
Justin
-Original Message-
From: Robyne Vaughn [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2003 12:38 PM
To: Tomcat Users List
Subject: RE: JNDIRealm...more
Justin,
I REALLY appreciate your help. I've been stuck for a while.
I believe that User
ilto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2003 11:14 AM
To: Tomcat Users List
Subject: RE: JNDIRealm...more
1) In terms of active directory, the roleSearch, in this case, would be
a group that the person logging in needs to be a member of. In terms of
mine, it would be the "ALL
ssage-
From: Robyne Vaughn [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2003 12:08 PM
To: Tomcat Users List
Subject: RE: JNDIRealm...more
Hi,
I've been watching your emails andI'm still trying to understand. I
have a couple of ldap books and I'm trying to figure so
iven the person's specific OU?
I don't understand why you're specifying 2 different values for OU?
Any help would be appreciated.
Thanks,
rob
-Original Message-
From: Hart, Justin [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2003 9:13 AM
To: Tomcat Users List
EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Monday, November 03, 2003 4:16 PM
To: [EMAIL PROTECTED]
Subject: RE: JNDIRealm...more
Here's what I have..this works for mehope this helps
ldap://[domain controller]:389"
userBase="OU=Users,OU=[M
To: [EMAIL PROTECTED]
Subject: RE: JNDIRealm...more
You don't need the admin password, you do need a domain account the has read
permissions.just about any account will do thiscreate a test
account.and use that instead of the admin account..
-Original Message-
Fro
onday, November 03, 2003 4:18 PM
To: Tomcat Users List
Subject: RE: JNDIRealm...more
Is there a way to do this without the admin password in the file?
What is sAMAccountName?
Also, not terribly versed in LDAP, what is "My OU"?
Justin
-Original Message-
From: [EMAIL PROTECTED]
PROTECTED]
Subject: RE: JNDIRealm...more
Here's what I have..this works for mehope this helps
ldap://[domain controller]:389"
userBase="OU=Users,OU=[My OU],DC=[Domain],DC=com"
userSearch="(sAMAccountName={0})&qu
connectionPassword="[password]"
roleSubtree="true"
userSubtree="true"/>
-Original Message-
From: Hart, Justin [mailto:[EMAIL PROTECTED]
Sent: Monday, November 03, 2003 12:57 PM
To: Tomcat Users List
Subject: JNDIReal
My server.xml now looks like this :
Reading through the log shows no errors, just that the realm is openning and closing
connections with my LDAP server, after 3 tries, it tells me that I need to use http
authentication.
What's going wrong here?
Justin
-
ldap://[Windows 2000 Domain Controller]:389"
userBase="CN=Users,dc=[domain name],dc=com"
userSearch="(userPrincipalName={0})"
userRoleName="member"
roleBase="CN=Users,dc=[domain name],dc=com"
roleName="cn"
roleSearch="(member={0})"
connectionName="CN=[jndi account username],CN=Users,DC=[domain name
Does anybody have an example JDNIRealm configuration (server.xml & web.xml). I feel
like I'm just taking stabs in the dark with these files... Currently I can get it to
pop up a window and ask for your username/password. I use my NT username and password
and it rejects them. I think that I h
636 I get the
following error:
2003-07-28 09:40:49 JNDIRealm[Standalone]: Connecting to URL
ldaps://10.1.1.50:636
2003-07-28 09:40:50 JNDIRealm[Standalone]: Exception performing
authentication
javax.naming.CommunicationException: simple bind failed: 10.1.1.50:636
[Root exception is javax.net.ss
http://jakarta.apache.org/site/cvsindex.html
JNDIRealm is jakarta-tomcat-catalina for tomcat5,
jakarta-tomcat-4.0/catalina/ for tomcat4
I recommend more exploration before accepting an error code2 as a valid
login. Its a kluge around the MS's ldap implementation and such a kluge
pro
Hi,
I am using tomcat 4.1.27, Java sdk-1.4.1_02 and JNDIRealm to use the Micro$oft
Site Server service to authenticate our webapps.
I get an "error code 2" exception (Protocol Error) only when the user and the
password is right. That is to say, when an OK is expected. I am think
Hi
I have tried different different options but cannot get the LDAP authentication to
work in my application.
Following is what i am using.
Tomcat: 4.1.27-LE-jdk14
Apache: 2.0.47
Java : 1.4.2
Linux OS: 7.3
LDAP : IPlanet LDAP Server.
1) In this regard i have downlo
Hi
I am using the following
Tomcat: 4.1.27-LE-jdk14
Apache: 2.0.47
Java : 1.4.2
Linux OS: 7.3
iPlanet LDAP Server
I am trying to configure LDAP authentication mechanism to my application.
1) In this regard i have downloaded the latest JNDI API and then copied the ldap.jar
file to $CATALIN
Hi
I am using the following
Tomcat: 4.1.27-LE-jdk14
Apache: 2.0.47
Java : 1.4.2
Linux OS: 7.3
I am trying to configure LDAP authentication mechanism to my application.
1) In this regard i have downloaded the latest JNDI API and then copied the ldap.jar
file to $CATALINA_HOME/server/lib di
In a servlet I would like to access the same JNDIRealm directory server
context that is used during BASIC authentication. Is it possible to
configure the jndirealm as a resource link for the servlet context?
I *can* make an Application "super user" to establish a DirContext , but
Adam Sherman writes:
2003-07-27 13:44:06 JNDIRealm[Standalone]: validating credentials by
binding as the user
2003-07-27 13:44:06 JNDIRealm[Standalone]: binding as
uid=adam,ou=People,dc=tritus,dc=ca
2003-07-27 13:44:06 JNDIRealm[Standalone]: bind attempt failed
JNDIRealm is attempting to
2003-07-27 13:44:06 JNDIRealm[Standalone]: validating credentials by
binding as the user
2003-07-27 13:44:06 JNDIRealm[Standalone]: binding as
uid=adam,ou=People,dc=tritus,dc=ca
2003-07-27 13:44:06 JNDIRealm[Standalone]: bind attempt failed
JNDIRealm is attempting to bind as 'uid=ad
Is 'mail' the naming value?
This means, if you export to an ldif file you should find a line
dn: [EMAIL PROTECTED],ou=People,dc=tritus,dc=ca
Hayo Schmidt
Adam Sherman schrieb:
I am trying to get JNDIRealm to authenticate against my LDAP tree:
debug="200"
Jeff Tulley wrote:
We've done exactly that. What you need to do is import the root
certificate into a .keystore file. I'm not sure if Tomcat will pick up
the default cacerts file, or if you always have to specify it like we
did (-Djavax.net.ssl.trustStore=sys:/adminsrv/conf/.keystore etc) My
gue
ldaps://:636 I get the following error:
2003-07-28 09:40:49 JNDIRealm[Standalone]: Connecting to URL
ldaps://10.1.1.50:636
2003-07-28 09:40:50 JNDIRealm[Standalone]: Exception performing
authentication
javax.naming.CommunicationException: simple bind failed: 10.1.1.50:636
[Root
exception is javax.net
Does anyone have any experience getting ldaps working w/ the JDNIRealms in
Tomcat 4.1.24? Regular LDAP is working fine, but when I change the connection
URL to ldaps://:636 I get the following error:
2003-07-28 09:40:49 JNDIRealm[Standalone]: Connecting to URL ldaps://10.1.1.50:636
2003-07-28
Is 'mail' the naming value?
This means, if you export to an ldif file you should find a line
dn: [EMAIL PROTECTED],ou=People,dc=tritus,dc=ca
Hayo Schmidt
Adam Sherman schrieb:
I am trying to get JNDIRealm to authenticate against my LDAP tree:
debug="200"
I am trying to get JNDIRealm to authenticate against my LDAP tree:
debug="200"
connectionURL="ldap://localhost:389";
userBase="ou=People,dc=tritus,dc=ca"
userSearch="(mail={0})"
roleBase="ou
Hi,
I have successfully setup JNDIRealm for FORM based authentication and it is working
perfectly in Standalone Tomcat4.1.24. However, I am unable to do the same in
Tomcat4.1.24 bundled with JBoss. Could any body please help me out in setting up
JNDIRealm in Tomcat4.1.24 bundled with JBoss
I figured it out. The credentials I was using the creation of the
InitialDirContext didn't have enough permissions (for some weird
reason). I got it to work when I used a different account.
Brad Handy
At 11:28 AM 6/6/2003, you wrote:
I'm using Tomcat 4.1.24 (win32) and I have my
I'm using Tomcat 4.1.24 (win32) and I have my JNDIRealm configured like so:
ldap://vader.arbor.edu";
alternateURL="ldap://bsod.arbor.edu";
userBase="dc=arbor,dc=edu"
userSearch="(&(objectClass=user) (cn={0}))
of my code directly in an class
(say) JNDIRealmCert, and one could simply override an abstract "certToUser"
method.
I have tried to use CLIENT-CERT to authenticate the user for our
application. JNDIRealm do not support such authentication, so i have tried
to implement it. For our infrast
ma that is organized as follows:
dn: cn=user,ou=Groups,o=Canada,...
uniqueMember: cn=somecompany,ou=Groups,o=Canada,...
and
dn: cn=somecompany,ou=Groups,o=Canada,...
uniqueMember: uid=someuser,ou=People,o=Canada,...
My Tomcat(4.0.6) JNDIRealm configuration is as follows:
ldap://ldap
; w/ windows login info using a JNDIRealm?
>
>
> If you have multiple domains, I think your out of luck. If you run a
> single active directory domain, you *might* be able to do
> something like
> this:
>
> connectionURL="ldap://need.morecowbell.com:389";
>
If you have multiple domains, I think your out of luck. If you run a
single active directory domain, you *might* be able to do something like
this:
ldap://need.morecowbell.com:389";
userBase="dc=more,dc=morecowbell,dc=com"
userSearch="(userPrincipalName={0})"
userRoleName="member"
roleBase="dc=m
I'm looking for some assistance in setting up single-sign on with our
windows 2000 intranet and Tomcat using Windows Active Directory and a Tomcat
JINDIRealm and LDAP. What I'm essentially looking for is
HttpServletRequest.getRemoteUser() to return the username used to
authenticate to the Windows n
Hi.
I have an application that it connects to a servlet and send it a set of
parameters through OutputStream. I have a JNDIRealm installed and when the
application connects to the servlet, my Realm can't to map these parameters
(with the client certificate) a none authenticate() method.
I've making my own JNDIRealm and my web application has various protected
zones. In my JNDIRealm I would like to retrieve the parameters from web.xml
( subelements) related with the protected zones.
For example, in web.xml file I have the following lines:
Private Z
Hi...
I've making a JNDIRealm with LDAP access and I need to get the URL where
JNDIRealm is called. I've various security constraints and I would like to
distinguish the protected zones.
How I can to get the URL within of my own
Hi all.
I have making a JNDIRealm for LDAP connections (the JNDIRealm to have to
retrieve client certificates from LDAP). I would like to realize searches
only for Organization Unit (Organization and Country are fixed); though,
the client DN is CN - OU - OU - C (the root search for my LDAP
has succeeded other users can authenticate straight away -
until the next long period of inactivity. You may be able fix the
problem by disabling timeout on the directory server. (You don't say
which directory server you are using).
Really there should be an option for JNDIRealm to check wh
I have created a simple tomcat web app that uses a
JNDIRealm for authentication per the instructions in
the Tomcat 4.1 documentation. When I start tomcat,
the login process for this web app works fine for a
few minutes or logins.
Eventually, I reach a state where the first login
always fails
I apoligize for the false alarm.
My password had expired (arghh)
that is why the login process failed.
Back to the regularly scheduled program.
Vincent Stoessel wrote:
> I have been able to successfully set up a JNDIRealm in tomcat for
> authentication. Only problem is after about 12
I have been able to successfully set up a JNDIRealm in tomcat for
authentication. Only problem is after about 12 (rough guess) I get
the dreaded black page instead of seeing my login form. The workaround
is to restart tomcat. Obviously, this won't work well for a always-on
service. Maybe
[EMAIL PROTECTED]>
> Sent: Monday, September 23, 2002 11:31 AM
> Subject: JNDIRealm and 4.1.10 with iPlanet
>
>
> > I'm using Tomcat 4.1.10 trying to authenticate against iPlanet
> > Directory Server 5.0.
> >
> > I've created a Realm inside of the Eng
Looks like you are using parentheses around the 0 rather than
brackets. That is probably why it is being passed literal rather than
being expanded.
---
> Sorry to jump in on this discussion. But I think people with LDAP
> experience are having a look on it.
>
> > >> > de
1 - 100 of 167 matches
Mail list logo
