This is probably by design. This sort of information can be useful to an attacker.
If you want to implement this yourself possible starting points would be overriding the relevant methods of org.apache.catalina.realm.JNDIRealm or extending org.apache.catalina.realm.RealmBase
HTH
Mark
[EMAIL PROTECTED] wrote:
Hello,
I'm trying to use a Novell LDAP server, and let it manage the Passwords instead of my webapp. Unfortunately I've found that the JNDIRealm doesn't tell me the reason of the failure when authenticating a user.
In this case I cannot know where to redirect in the Novell portal ( Forgot Password or Password Expired functions - depending on the LDAP exception captured). since I'm new to authentication in Tomcat, can you tell me what is/are the best way to start implementing a Custom Realm that return to the application the trapped exception, in order to redirect to the correct Novell Function.
Thanks in advance..
Cyril ZEKSER
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
