RE: Tomcat, JNDI, Active Directory

2004-10-15 Thread khanaz
und()) ?
                "\n\tAuthenticated to the server ( simple )\n":
                "\n\tNot authenticated to the server\n");

            // disconnect with the server
            conn.disconnect();
        }
        catch( LDAPException e ) {
            System.out.println( "Error: " + e.toString() );
        }
        return;
    }

    private static void simpleBind2( int version, LDAPConnection conn,
            String host, int port, String dn, String passwd ) {
        try {
            System.out.println("Simple bind with connection method...");
            // connect to the server
            conn.connect( host, port );
            // authenticate to the server with the connection method
            try {
                conn.bind( version, dn, passwd.getBytes("UTF8") );
            } catch (UnsupportedEncodingException u){
                throw new LDAPException( "UTF8 Invalid Encoding",
                                         LDAPException.LOCAL_ERROR,
                                         (String)null, u);
            }

            System.out.println((conn.isBound()) ?
                "\n\tAuthenticated to the server ( simple )\n":
                "\n\tNot authenticated to the server\n");

            // disconnect with the server
            conn.disconnect();
        }
        catch( LDAPException e ) {
            System.out.println( "Error: " + e.toString() );
        }
        return;
    }

    private static void SSLBind( int version, String host, int SSLPort,
            String dn, String passwd ) {

        // Set the socket factory for this connection only
        LDAPJSSESecureSocketFactory ssf = new LDAPJSSESecureSocketFactory();
        LDAPConnection conn = new LDAPConnection(ssf);

        try {
            System.out.println("SSL bind...");
            // connect to the server
            conn.connect( host, SSLPort);
            // authenticate to the server with the connection method
            try {
                conn.bind( version, dn, passwd.getBytes("UTF8") );
            } catch (UnsupportedEncodingException u){
                throw new LDAPException( "UTF8 Invalid Encoding",
                                         LDAPException.LOCAL_ERROR,
                                         (String)null, u);
            }

            System.out.println((conn.isBound()) ?
                "\n\tAuthenticated to the server ( ssl )\n":
                "\n\tNot authenticated to the server\n");

            // disconnect with the server
            conn.disconnect();
        }
        catch( LDAPException e ) {
            System.out.println( "Error: " + e.toString() );
        }
        return;
    }
}
--- END GetAuthenticated.java ---

-----Original Message-----
From: Roland Carlsson [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 15, 2004 10:49 AM
To: TomcatUsers
Subject: Sv: Tomcat, JNDI, Active Directory

Hello!

Thanks for your answer! I'll try to find a tool that can help me but I
appreciate some tips if anyone has used a good tool for this.

Regards
Roland Carlsson


On 04-10-15 15.16, "QM" <[EMAIL PROTECTED]> wrote:

> On Fri, Oct 15, 2004 at 08:18:56AM +0200, Roland Carlsson wrote:
> : Is there anyone out there who would like to figure out what I am doing wrong
> : when trying to create a realm in Tomcat that is supposed to authenticate
> : users over JNDI against an Active Directory server.
> 
> Why not try this: authenticate against AD using something other than
> Tomcat.  It's easier to troubleshoot if you strip away the layers, then
> methodically test each one till you find the culprit.
> 
> I don't know what tools AD would have for this; but many LDAP
> implementations have standalone tools for searching the directory.  You
> could fire up something of that nature to test the DN and such you have
> in your Tomcat config.
> 
> -QM

Sent using the Microsoft Entourage 2004 for Mac Test Drive.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




Sv: Tomcat, JNDI, Active Directory

2004-10-15 Thread Roland Carlsson
Hello!

Thanks for your answer! I'll try to find a tool that can help me but I
appreciate some tips if anyone has used a good tool for this.

Regards
Roland Carlsson


On 04-10-15 15.16, "QM" <[EMAIL PROTECTED]> wrote:

> On Fri, Oct 15, 2004 at 08:18:56AM +0200, Roland Carlsson wrote:
> : Is there anyone out there who would like to figure out what I am doing wrong
> : when trying to create a realm in Tomcat that is supposed to authenticate
> : users over JNDI against an Active Directory server.
> 
> Why not try this: authenticate against AD using something other than
> Tomcat.  It's easier to troubleshoot if you strip away the layers, then
> methodically test each one till you find the culprit.
> 
> I don't know what tools AD would have for this; but many LDAP
> implementations have standalone tools for searching the directory.  You
> could fire up something of that nature to test the DN and such you have
> in your Tomcat config.
> 
> -QM

Sent using the Microsoft Entourage 2004 for Mac Test Drive.





Re: Tomcat, JNDI, Active Directory

2004-10-15 Thread QM
On Fri, Oct 15, 2004 at 08:18:56AM +0200, Roland Carlsson wrote:
: Is there anyone out there who would like to figure out what I am doing wrong
: when trying to create a realm in Tomcat that is supposed to authenticate
: users over JNDI against an Active Directory server.

Why not try this: authenticate against AD using something other than
Tomcat.  It's easier to troubleshoot if you strip away the layers, then
methodically test each one till you find the culprit.

I don't know what tools AD would have for this; but many LDAP
implementations have standalone tools for searching the directory.  You
could fire up something of that nature to test the DN and such you have
in your Tomcat config.

-QM

-- 

software  -- http://www.brandxdev.net
tech news -- http://www.RoarNetworX.com
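
An added example, not part of the original thread: a standalone JNDI check that performs the same kind of bind-as-the-user outside Tomcat and decodes the sub-code Active Directory attaches to a failed bind. The class name BindCheck and its two arguments are assumptions made for this example; the sub-code meanings are Active Directory's general behaviour, not something stated in the thread.

```java
import java.util.Hashtable;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.InitialDirContext;

// Added example (hypothetical class). Usage: java BindCheck ldap://host:389 "<bind DN>"
public class BindCheck {
    // Active Directory adds "data <hex>" to LDAP error 49 to say why a bind failed.
    private static final Pattern AD_DATA = Pattern.compile("data ([0-9a-fA-F]+)");
    static String explain(String msg) {
        Matcher m = AD_DATA.matcher(msg == null ? "" : msg);
        if (!m.find()) return "no AD sub-code in the server message";
        switch (m.group(1).toLowerCase()) {
            case "525": return "user not found: the DN does not match an entry";
            case "52e": return "DN accepted, password rejected";
            case "533": return "account disabled";
            case "775": return "account locked out";
            default:    return "AD sub-code " + m.group(1);
        }
    }

    public static void main(String[] args) {
        java.io.Console console = System.console();
        if (args.length != 2 || console == null) {
            System.err.println("usage (from a terminal): java BindCheck <ldap-url> <bind-dn>");
            System.exit(2);
        }
        char[] password = console.readPassword("Password for %s: ", args[1]);
        // JNDI downgrades a simple bind with an empty password to an anonymous bind.
        if (password == null || password.length == 0) {
            System.err.println("refusing to bind with an empty password");
            System.exit(2);
        }
        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, args[0]);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, args[1]);
        env.put(Context.SECURITY_CREDENTIALS, password);
        try {
            new InitialDirContext(env).close();
            System.out.println("bind OK as " + args[1]);
        } catch (NamingException e) {
            System.out.println("bind failed: " + e.getMessage() + " -> " + explain(e.getMessage()));
        }
    }
}
```

On an ldap:// URL the password crosses the network in clear text; pass an ldaps:// URL where the server offers one.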





Tomcat, JNDI, Active Directory

2004-10-14 Thread Roland Carlsson
Hi!
Is there anyone out there who would like to figure out what I am doing wrong
when trying to create a realm in Tomcat that is supposed to authenticate
users over JNDI against an Active Directory server.

In my server.xml I have the following


ldap://192.168.10.10:389"
alternateURL="ldap://192.168.10.10:389"
userBase="ou=Users,dc=alfa-moving,dc=se"
userPattern="uid={0},ou=Users,dc=alfa-moving,dc=se"
roleBase="ou=Users,dc=alfa-moving,dc=se"
roleName="cn"
debug="99" />

The log from tomcat says the following

2004-10-14 16:04:04 JNDIRealm[Catalina]: Connecting to URL ldap://192.168.10.10:389
2004-10-14 16:04:16 JNDIRealm[Catalina]: lookupUser(JKP_konf)
2004-10-14 16:04:16 JNDIRealm[Catalina]: dn=uid=JKP_konf,ou=Users,dc=alfa-moving,dc=se
2004-10-14 16:04:16 JNDIRealm[Catalina]: validating credentials by binding as the user
2004-10-14 16:04:16 JNDIRealm[Catalina]: binding as uid=JKP_konf,ou=Users,dc=alfa-moving,dc=se
2004-10-14 16:04:16 JNDIRealm[Catalina]: bind attempt failed
2004-10-14 16:04:16 JNDIRealm[Catalina]: Username JKP_konf NOT successfully authenticated

When I look in the GUI of AD I see a tree like this

Active Directory Users and Computers
--+alfa-moving.se
+ Users
--+JKP_konf

So, what have I done wrong ... somehow it always seems to be me who makes the
errors... .-)

Thanks in advance
Roland Carlsson

ps: This is a crosspost of what I posted in the JNDI-forum at java.sun.com
yesterday but got no answers (yet).
Sent using the Microsoft Entourage 2004 for Mac Test Drive.

