I'm having a bit of a tough time getting Tomcat5 to authenticate correctly to our LDAP server. It connects using the service account, and then attempts to bind using the username and password entered at the login page to confirm if it is valid.
As it is set up right now, if an invalid username/password is entered, catalina_log confirms that "bind attempt failed" and "Username XXX NOT successfully authenticated", just as we expect. However, if we enter a correct username/password combination, it binds correctly, but then it just hangs there as if it were awaiting a response. The LDAP logs indicate that it did successfully bind with the username/password combination, but no search was performed.

Here is the relevant section of my server.xml file:

    <Realm className="org.apache.catalina.realm.JNDIRealm"
           debug="99"
           connectionURL="ldap://ldap.domain.com"
           connectionName="uid=admin,ou=ldapadmin,o=domain.com"
           connectionPassword="xxxxxx"
           userPattern="uid={0},ou=it,o=domain.com"
           userBase="ou=it,o=domain.com" />

Am I missing out on something here? I tried playing around with some of the different attributes mentioned in the Jakarta Tomcat JNDIRealm documentation, but still get the same results. We are not using any roles. How can we get it so that if the correct username/password is entered, it lets us pass the login page?