Hi All, I got my problem solved..The culprit was that I hadn't included the attribute "digest" with value "SHA" (SHA because my LDAP directory is storing the password in this format) in the <realm> directive in server.xml. Also, I had to change <role-name>cn</role-name> to <role-name>*</role-name> in web.xml. Now, the things seems to work without any hassles.
Regards, Sandeep On Tue, 02 Nov 2004 12:19:13 +0100, Olivier Jolly <[EMAIL PROTECTED]> wrote: > I'm not a specialist in this but it smells like you're saying that the > role name are listedin the attribute 'cn' and that to access your site > the connected user should have the role 'cn' hence if you do not have a > user with it's cn=cn (attribute cn = value "cn"), it won't work. Maybe > you could either enter real roles to your users in another attribute > than cn and adapt your web.xml accordingly or suppress the > auth-constraint on the role-name > > Hope it helps > > Olivier > > > > Sandeep N wrote: > > >Hi, > > > >I have a problem trying to authenticate users, whose details are > >stored in the LDAP directory through Apache Tomcat. The details of the > >software I am using are as follows : > > > >LDAP: OpenLDAP V 2.2.17 > >Web-Server: Apache-Tomcat V 4.1.30 > >OS: Suse - Linux > > > >The LDAP directory structure is somewhat like this - > >dc=my-domain,dc=com > >cn= Manager > > cn=person1 > > cn=person2 and so on > > > >In the server.xml file (under APACHE-TOMCAT-DIR/conf/) I have included > >he following piece of code - > > > ><Realm className="org.apache.catalina.realm.JNDIRealm" debug="99" > >connectionName="cn=Manager,dc=my-domain,dc=com" > >connectionPassword="secret" connectionURL="ldap://localhost:389"; > >roleName="cn" roleSearch="(uniqueMember={0})" > >userPassword="userPassword" > >userPattern="cn={0},cn=Manager,dn=my-domain,dn=com" /> > > > >The folder I have to authenticate is "param_test" and this resides > >under "APACHE-TOMCAT-DIR/webapps". > > > >The web.xml file under the "param_test" folder contains the following > >piece of code - > >.................................. > ><security-constraint> > > <web-resource-collection> > > <web-resource-name>test</web-resource-name> > > <url-pattern>/*</url-pattern> > > </web-resource-collection> > > <auth-constraint> > > <role-name>cn</role-name> > > </auth-constraint> > ></security-constraint> > > > ><login-config> > > <auth-method>BASIC</auth-method> > > <realm-name>test</realm-name> > ></login-config> > > > >.................................. > > > >I have even copied the jndi.jar, ldap.jar files to > >APACHE-TOMCAT-DIR/server/lib directory > > > >When I try to access the link, http://localhost:8089/param_test, it > >prompts me for the username and password. When I type in these > >parameters as per the entries in the LDAP directory, the pop-up > >reappears and this goes on continously. If I cancel this pop-up, HTTP > >error 401 is returned. Any guesses where I have gone wrong? > > > >Thanks in advance. > > > >Regards, > >Sandeep > > > >--------------------------------------------------------------------- > >To unsubscribe, e-mail: [EMAIL PROTECTED] > >For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
