Hi Can youguys give some input on the following. I am using the following Tomcat: 4.1.27-LE-jdk14 Apache: 2.0.47 Java : 1.4.2 Linux OS: 7.3 iPlanet LDAP Server I am trying to configure LDAP authentication mechanism to my application. 1) In this regard i have downloaded the latest JNDI API and then copied the ldap.jar file to $CATALINA_HOME/server/lib directory. 2) The i have added the following entry to the server.xml file. <Realm className="org.apache.catalina.realm.JNDIRealm" connectionURL="ldap://ldap.mycompany.com:389" userBase="ou=active,ou=employees,ou=people,o=mycompany.com" userSearch="(uid={0})" roleSearch="(uniqueMember={0})" roleName="cn" debug="99" contextFactory="com.sun.jndi.ldap.LdapCtxFactory" /> 3) In my application "web.xml" file i have added the following <security-constraint> <web-resource-collection> <web-resource-name>Nrt</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>*</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>CEC</realm-name> </login-config>
But authentication is not working, any debug techniques or methods will be a great help. Thanks jerome moliere <[EMAIL PROTECTED]> wrote: Davi Leal wrote: >jerome moliere wrote: > > >>> I am trying to authenticate my webapps via a JNDI Realm, which connects >>>to Microsoft Site Server (LDAP). >>> >>> >>:( >> >> > > > >>> As I am getting [LDAP: error code 2 - Protocol Error] (See below), I >>>would like to know if that Micro$oft product is a certified LDAP server. >>> >>> >>as fai as i Know, like any other microsoft product, partially... :) >> >> > >I have been told the LDAP protocol is no-100% a standard. That is to say, a >lot of providers have realized different offers, which share only 90% of the >specification (the core standard). > >Nowdays, it is said, the Netscape's one being the more recognised/compatible/ >standard. > >So, my question is now: What LDAP products does the JNDI Tomcat realm support? > > No problem with OpenLDAP ('from my experience), NDS or Sun implementations seem to work nicely. For microsoft active directory is quite a LDAP server, but you can't use the referral paradigm HTH Jerome --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------- Do you Yahoo!? The New Yahoo! Shopping - with improved product search