Have a look at these links. There is some new functionality in Tomcat 4.1 that isn't mentioned in the main end-user document yet that is in the second link. Namely, how to get it to bind as a user to do the authentication rather than querying for a password and comparing it.
http://jakarta.apache.org/tomcat/tomcat-4.1-doc/realm-howto.html#JNDIRealm http://jakarta.apache.org/tomcat/tomcat-4.1-doc/catalina/docs/api/index.html Jon ----- Original Message ----- From: "Josh Fenlason" <[EMAIL PROTECTED]> To: "Tomcat Users List" <[EMAIL PROTECTED]> Sent: Wednesday, June 12, 2002 8:28 AM Subject: RE: LDAP Authentication with Tomcat 4.1.3 > I used to use Apache1.3.24 and Tomcat 3.2 and I did the ldap authentication > from Apache with two ou entries. Now I'm moving to Apache2 but the ldap > authentication modules don't seem to work, so I need to get Tomcat to do the > ldap authentication. If anyone could give me a pointer, I would greatly > appreciate it. Thanks in advance. > , > Josh. > > -----Original Message----- > From: John Burgess [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, June 12, 2002 4:21 AM > To: Tomcat Users List > Subject: RE: LDAP Authentication with Tomcat 4.1.3 > > > Is having two OU entries OK? > > Best Wishes > John Burgess > [EMAIL PROTECTED] > Tel: 01865 718666 > Fax: 01865 718600 > > > -----Original Message----- > From: Josh Fenlason [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, June 11, 2002 9:12 PM > To: Tomcat > Subject: LDAP Authentication with Tomcat 4.1.3 > > > I'm trying to do LDAP Authentication in Tomcat 4.1.3. I found some a couple > of links that said to use LDAPRealm in Tomcat's server.xml, but I still > haven't had any luck. Has anyone else been able to get this to work? Here > are the two Realm elements that I've tried in server.xml. Any help would be > greatly appreciated. Thanks. > , > Josh. > > <Realm className="com.peacetech.webtools.tomcat.LdapRealmCatalina" > debug="1" > directoryUrl = "ldap://corvette.mn.ptc.com:389"; > searchBindDN = "ou-jfenlason_r62DC,ou=jfenlason,l=Arden Hills,o=Bethel" > searchBindCredentials = "mypassword" > searchBaseContext = "o=PTC" > searchFilter = "cn={0}" > searchScopeAsString = "sub" > securityAttributes = "securityEquals" > attributesReadByOwner = "true" > connectionMaxPoolSize = "10" > ldapVersion = "3" /> > <Realm className="org.apache.catalina.realm.LDAPRealm" > ldapContextFactory="com.sun.jndi.ldap.LdapCtxFactory" > ldapServer="ldap.corvette.mn.com" > ldapPort="389" > ldapDN="cn=%u,ou=jfenlason_r62DC,ou=jfenlason,l=Arden Hills,o=Bethel" > ldapGroupContext="ou=jfenlason_r62DC,ou=jfenlason,l=Arden > Hills,o=Bethel" > > ldapGroupFilter="(&(uniquemember=%dn)(objectclass=groupOfUniqueNames))" > ldapRoleAttribute="cn" > debug="99" /> > > > -- > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED]> > > --- > Incoming mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.365 / Virus Database: 202 - Release Date: 24/05/02 > > > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.365 / Virus Database: 202 - Release Date: 24/05/02 > > > -- > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED]> > > > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
