DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11679>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11679 "anonymous bind failed" exceptions occur if connectionName not specified with JNDIRealm Summary: "anonymous bind failed" exceptions occur if connectionName not specified with JNDIRealm Product: Tomcat 4 Version: 4.1.9 Platform: Other OS/Version: Other Status: NEW Severity: Minor Priority: Other Component: Catalina AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] I found that it's necessary to set the connectionName attribute when using JNDIRealm, even when just binding anonymously (at least when used with OpenLDAP 2.1.2). For example, this works, <Realm className="org.apache.catalina.realm.JNDIRealm" debug="99" connectionURL="ldap://localhost:8636"; connectionName="" connectionPassword="" userPattern="uid={0}, ou=People, dc=uchicago, dc=edu" userRoleName="eduPersonAffiliation"/> However, this only kind of works. In this case, the first authentication fails (when prompted using BASIC authentication and a pop-up dialog box) and then the second succeeds. <Realm className="org.apache.catalina.realm.JNDIRealm" debug="99" connectionURL="ldap://localhost:8636"; userPattern="uid={0}, ou=People, dc=uchicago, dc=edu" userRoleName="eduPersonAffiliation"/> The following is what the log looks like for the second case. IMHO, you shouldn't have to specify the connectionName attribute. 2002-08-13 15:43:30 JNDIRealm[Standalone]: lookupUser(jemiller) 2002-08-13 15:43:30 JNDIRealm[Standalone]: dn=uid=jemiller, ou=People, dc=uchicago, dc=edu 2002-08-13 15:43:30 JNDIRealm[Standalone]: Exception performing authentication javax.naming.CommunicationException: anonymous bind failed: localhost:8636. Root exception is java.net.SocketException: Socket closed at java.net.SocketOutputStream.socketWrite0(Native Method) at java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:92) at java.net.SocketOutputStream.write(SocketOutputStream.java:126) at java.io.BufferedOutputStream.flushBuffer (BufferedOutputStream.java:69) at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:127) at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:385) at com.sun.jndi.ldap.LdapClient.ldapBind(LdapClient.java:309) at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:146) at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2516) at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2458) at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2432) at com.sun.jndi.ldap.LdapCtx.doSearch(LdapCtx.java:1837) at com.sun.jndi.ldap.LdapCtx.doSearchOnce(LdapCtx.java:1829) at com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1223) at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes (ComponentDirContext.java:213) at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes (PartialCompositeDirContext.java:121) at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes (PartialCompositeDirContext.java:109) at javax.naming.directory.InitialDirContext.getAttributes (InitialDirContext.java:121) at org.apache.catalina.realm.JNDIRealm.getUserByPattern (JNDIRealm.java:819) 2002-08-13 15:43:30 JNDIRealm[Standalone]: lookupUser(jemiller) 2002-08-13 15:43:30 JNDIRealm[Standalone]: dn=uid=jemiller, ou=People, dc=uchicago, dc=edu 2002-08-13 15:43:30 JNDIRealm[Standalone]: Exception performing authentication javax.naming.CommunicationException: anonymous bind failed: localhost:8636. Root exception is java.net.SocketException: Socket closed at java.net.SocketOutputStream.socketWrite0(Native Method) at java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:92) at java.net.SocketOutputStream.write(SocketOutputStream.java:126) at java.io.BufferedOutputStream.flushBuffer (BufferedOutputStream.java:69) at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:127) at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:385) at com.sun.jndi.ldap.LdapClient.ldapBind(LdapClient.java:309) at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:146) at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2516) at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2458) at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2432) at com.sun.jndi.ldap.LdapCtx.doSearch(LdapCtx.java:1837) at com.sun.jndi.ldap.LdapCtx.doSearchOnce(LdapCtx.java:1829) at com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1223) at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes (ComponentDirContext.java:213) at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes (PartialCompositeDirContext.java:121) at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes (PartialCompositeDirContext.java:109) at javax.naming.directory.InitialDirContext.getAttributes (InitialDirContext.java:121) at org.apache.catalina.realm.JNDIRealm.getUserByPattern (JNDIRealm.java:819) at org.apache.catalina.realm.JNDIRealm.getUser(JNDIRealm.java:773) at org.apache.catalina.realm.JNDIRealm.authenticate(JNDIRealm.java:724) at org.apache.catalina.realm.JNDIRealm.authenticate(JNDIRealm.java:671) at org.apache.catalina.authenticator.BasicAuthenticator.authenticate (BasicAuthenticator.java:161) at org.apache.catalina.authenticator.AuthenticatorBase.invoke (AuthenticatorBase.java:502) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNe xt(StandardPipeline.java:641) at org.apache.catalina.valves.CertificatesValve.invoke (CertificatesValve.java:246) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNe xt(StandardPipeline.java:641) at org.apache.catalina.core.StandardPipeline.invoke (StandardPipeline.java:480) at org.apache.catalina.core.ContainerBase.invoke (ContainerBase.java:995) at org.apache.catalina.core.StandardContext.invoke (StandardContext.java:2350) at org.apache.catalina.core.StandardHostValve.invoke (StandardHostValve.java:180) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNe xt(StandardPipeline.java:643) at org.apache.catalina.valves.ErrorDispatcherValve.invoke (ErrorDispatcherValve.java:170) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNe xt(StandardPipeline.java:641) at org.apache.catalina.valves.ErrorReportValve.invoke (ErrorReportValve.java:171) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNe xt(StandardPipeline.java:641) at org.apache.catalina.valves.AccessLogValve.invoke (AccessLogValve.java:469) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNe xt(StandardPipeline.java:641) at org.apache.catalina.core.StandardPipeline.invoke (StandardPipeline.java:480) at org.apache.catalina.core.ContainerBase.invoke (ContainerBase.java:995) at org.apache.catalina.core.StandardEngineValve.invoke (StandardEngineValve.java:174) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNe xt(StandardPipeline.java:643) at org.apache.catalina.core.StandardPipeline.invoke (StandardPipeline.java:480) at org.apache.catalina.core.ContainerBase.invoke (ContainerBase.java:995) at org.apache.coyote.tomcat4.CoyoteAdapter.service (CoyoteAdapter.java:223) at org.apache.coyote.http11.Http11Processor.process (Http11Processor.java:405) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnecti on(Http11Protocol.java:380) at org.apache.tomcat.util.net.TcpWorkerThread.runIt (PoolTcpEndpoint.java:508) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run (ThreadPool.java:533) at java.lang.Thread.run(Thread.java:536) 2002-08-13 15:43:30 JNDIRealm[Standalone]: Closing directory context 2002-08-13 15:43:37 JNDIRealm[Standalone]: Connecting to URL ldap://localhost:8636 2002-08-13 15:43:37 JNDIRealm[Standalone]: lookupUser(jemiller) 2002-08-13 15:43:37 JNDIRealm[Standalone]: dn=uid=jemiller, ou=People, dc=uchicago, dc=edu 2002-08-13 15:43:37 JNDIRealm[Standalone]: retrieving values for attribute eduPersonAffiliation 2002-08-13 15:43:37 JNDIRealm[Standalone]: validating credentials by binding as the user 2002-08-13 15:43:37 JNDIRealm[Standalone]: binding as uid=jemiller, ou=People, dc=uchicago, dc=edu 2002-08-13 15:43:37 JNDIRealm[Standalone]: Username jemiller successfully authenticated 2002-08-13 15:43:37 JNDIRealm[Standalone]: getRoles(uid=jemiller, ou=People, dc=uchicago, dc=edu) 2002-08-13 15:43:37 JNDIRealm[Standalone]: Username jemiller does NOT have role faculty 2002-08-13 15:43:37 JNDIRealm[Standalone]: Username jemiller has role staff 2002-08-13 15:47:06 JNDIRealm[Standalone]: lookupUser(jemiller) 2002-08-13 15:47:06 JNDIRealm[Standalone]: dn=uid=jemiller, ou=People, dc=uchicago, dc=edu 2002-08-13 15:47:06 JNDIRealm[Standalone]: Exception performing authentication -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
