RE: Tomcat, JNDI, Active Directory
und()) ? "\n\tAuthenticated to the server ( simple )\n": "\n\tNot authenticated to the server\n"); // disconnect with the server conn.disconnect(); } catch( LDAPException e ) { System.out.println( "Error: " + e.toString() ); } return; } private static void simpleBind2( int version, LDAPConnection conn, String host, int port,String dn, String passwd ) { try { System.out.println("Simple bind with connection method..."); // connect to the server conn.connect( host, port ); // authenticate to the server with the connection method try { conn.bind( version, dn, passwd.getBytes("UTF8") ); } catch (UnsupportedEncodingException u){ throw new LDAPException( "UTF8 Invalid Encoding", LDAPException.LOCAL_ERROR, (String)null, u); } System.out.println((conn.isBound()) ? "\n\tAuthenticated to the server ( simple )\n": "\n\tNot authenticated to the server\n"); // disconnect with the server conn.disconnect(); } catch( LDAPException e ) { System.out.println( "Error: " + e.toString() ); } return; } private static void SSLBind( int version, String host, int SSLPort, String dn, String passwd ) { // Set the socket factory for this connection only LDAPJSSESecureSocketFactory ssf = new LDAPJSSESecureSocketFactory(); LDAPConnection conn = new LDAPConnection(ssf); try { System.out.println("SSL bind..."); // connect to the server conn.connect( host, SSLPort); // authenticate to the server with the connection method try { conn.bind( version, dn, passwd.getBytes("UTF8") ); } catch (UnsupportedEncodingException u){ throw new LDAPException( "UTF8 Invalid Encoding", LDAPException.LOCAL_ERROR, (String)null, u); } System.out.println((conn.isBound()) ? "\n\tAuthenticated to the server ( ssl )\n": "\n\tNot authenticated to the server\n"); // disconnect with the server conn.disconnect(); } catch( LDAPException e ) { System.out.println( "Error: " + e.toString() ); } return; } } --- END GetAuthenticated.java --- -Original Message- From: Roland Carlsson [mailto:[EMAIL PROTECTED] Sent: Friday, October 15, 2004 10:49 AM To: TomcatUsers Subject: Sv: Tomcat, JNDI, Active Directory Hello! Thanks for your answer! I'll try to find a tool that can help me but I appreciate some tips if anyone have used a good tool for this. Regards Roland Carlsson Den 04-10-15 15.16, skrev "QM" <[EMAIL PROTECTED]>: > On Fri, Oct 15, 2004 at 08:18:56AM +0200, Roland Carlsson wrote: > : Is there anyone out there who would like to figure out what I am doing wrong > : when trying to create a realm in Tomcat that is supposed to authenitcate > : users over JNDI against an Active Directory server. > > Why not try this: authenticate against AD using something other than > Tomcat. It's easier to troubleshoot if you strip away the layers, then > methodically test each one till you find the culprit. > > I don't know what tools AD would have for this; but many LDAP > implementations have standalone tools for searching the directory. You > could fire up something of that nature to test the DN and such you have > in your Tomcat config. > > -QM Sent using the Microsoft Entourage 2004 for Mac Test Drive. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Sv: Tomcat, JNDI, Active Directory
Hello! Thanks for your answer! I'll try to find a tool that can help me but I appreciate some tips if anyone have used a good tool for this. Regards Roland Carlsson Den 04-10-15 15.16, skrev "QM" <[EMAIL PROTECTED]>: > On Fri, Oct 15, 2004 at 08:18:56AM +0200, Roland Carlsson wrote: > : Is there anyone out there who would like to figure out what I am doing wrong > : when trying to create a realm in Tomcat that is supposed to authenitcate > : users over JNDI against an Active Directory server. > > Why not try this: authenticate against AD using something other than > Tomcat. It's easier to troubleshoot if you strip away the layers, then > methodically test each one till you find the culprit. > > I don't know what tools AD would have for this; but many LDAP > implementations have standalone tools for searching the directory. You > could fire up something of that nature to test the DN and such you have > in your Tomcat config. > > -QM Sent using the Microsoft Entourage 2004 for Mac Test Drive. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat, JNDI, Active Directory
On Fri, Oct 15, 2004 at 08:18:56AM +0200, Roland Carlsson wrote: : Is there anyone out there who would like to figure out what I am doing wrong : when trying to create a realm in Tomcat that is supposed to authenitcate : users over JNDI against an Active Directory server. Why not try this: authenticate against AD using something other than Tomcat. It's easier to troubleshoot if you strip away the layers, then methodically test each one till you find the culprit. I don't know what tools AD would have for this; but many LDAP implementations have standalone tools for searching the directory. You could fire up something of that nature to test the DN and such you have in your Tomcat config. -QM -- software -- http://www.brandxdev.net tech news -- http://www.RoarNetworX.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tomcat, JNDI, Active Directory
Hi! Is there anyone out there who would like to figure out what I am doing wrong when trying to create a realm in Tomcat that is supposed to authenitcate users over JNDI against an Active Directory server. In my server.xml I have the following ldap://192.168.10.10:389"; alternateURL="ldap://192.168.10.10:389"; userBase="ou=Users,dc=alfa-moving,dc=se" userPattern="uid={0},ou=Users,dc=alfa-moving,dc=se" roleBase="ou=Users,dc=alfa-moving,dc=se" roleName="cn" debug="99" /> The log from tomcat says the following 004-10-14 16:04:04 JNDIRealm[Catalina]: Connecting to URL ldap://192.168.10.10:389 2004-10-14 16:04:16 JNDIRealm[Catalina]: lookupUser(JKP_konf) 2004-10-14 16:04:16 JNDIRealm[Catalina]: dn=uid=JKP_konf,ou=Users,dc=alfa-moving,dc=se 2004-10-14 16:04:16 JNDIRealm[Catalina]: validating credentials by binding as the user 2004-10-14 16:04:16 JNDIRealm[Catalina]: binding as uid=JKP_konf,ou=Users,dc=alfa-moving,dc=se 2004-10-14 16:04:16 JNDIRealm[Catalina]: bind attempt failed 2004-10-14 16:04:16 JNDIRealm[Catalina]: Username JKP_konf NOT successfully authenticated When I look in the gui of AD I se a tree like this Active Directory Users and Computers --+alfa-moving.se + Users --+JKP_konf So, what have I done wrong ... somehow it always seem to be me who does the errors... .-) Thanks in advance Roland Carlsson ps: This is a crosspost of what I posted in the JNDI-forum at java.sun.com yesterday but got no answers (jet). Sent using the Microsoft Entourage 2004 for Mac Test Drive. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]