I am having problems trying to get a Tomcat 4.0.3 installation to
authenticate to a Netscape LDAP server using the "built-in" capability.
Configuration:
    Solaris 8, patched to date
    Netscape Directory Server 4.16
    Tomcat 4.0.1
    J2SDK v1.4
    Apache 1.3.23

I have edited the server.xml file to include a JNDIRealm entry as below:

<Realm classname="org.apache.catalina.realm.JNDIRealm"
  contextFactory="com.netscape.jndi.ldap.LdapContextFactory"
  debug="999"
  digest="SHA"
  connectionName="uid=tomcat,ou=Special Users,o=mydomain.com"
  connectionPassword="secret"
  connectionURL="ldap://ldapserver.mydoman.com:389"
  roleBase="ou=People,o=mydomain.com"
  roleName="cn"
  roleSearch="(uniqueMember={0})"
  roleSubtree="true"
  userpassword="userpassword"
  userPattern="uid={0},ou=People,o=mydomain.com" />

I have confirmed that I am contacting the LDAP server, finding the user
account, and downloading the userPassword attribute, but authentication
always fails.

I have tried both the Sun and Netscape context factories with no
difference.
I have confirmed that the DN from the server uses the UID and not the
CN.
I have tried changing the roleName to UID.
I have tried deleting and changing the digest value.
I have tried setting the roleSubtree to both true and false.
I have confirmed that my role groups are under ou=People,o=mydomain.com
with the user accounts.

Any ideas/help?  Has anybody gotten the JNDIRealm in Tomcat 4 to work
with Netscape?
--
Allen L. Chesley
Senior Systems Engineer
Raytheon


