JNDIRealm config

Mon, 22 Jul 2002 18:45:40 -0700 


hi 

This looks long but it's actually straightforward.

I can't get the JNDIRealm config to work Netscape Directory Server 3.1.

I suspect the conf. of the JNDIRealm elment is wrong but don't know why. 

I have a LDIF file exported from Netscape Directory Server 3.1 which define(loosely 
speaking)

- an admin user that I use in JNDIRealm for initial connection

- a sales person

- a SalesGroup role which has sales person as a member

Other stuff removed for clarity.

 

dn: uid=admin,o=company.com

objectclass: top

objectclass: person

objectclass: organizationalperson

objectclass: inetorgperson

cn: SuiteSpot Administrator

sn: Administrator

givenname: SuiteSpot

uid: admin

userpassword: {SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=

 

 

dn: uid=salesID,o=company.com

objectclass: top

objectclass: person

objectclass: organizationalPerson

objectclass: inetOrgPerson

objectclass: nsLicenseUser

givenname: salesFir

sn: salesSur

cn: salesFul

uid: salesID

userpassword: {SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=

 

 

dn: cn=SalesGroup,o=company.com

objectclass: top

objectclass: groupOfUniqueNames

cn: SalesGroup

uniquemember: uid=salesID,o=company.com

 

So my JNDIRealm config is,

<Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"

connectionName="uid=admin,o=company.com"

connectionPassword="password"

connectionURL="ldap://localhost:390";

roleName="cn"

roleSearch="(uniquemember={0})"

roleSubtree="true"

userPassword="userpassword"

userPattern="uid={0},o=company.com"

/>

I have tried many combinations of patterns and attributes in the above configuration 
but none worked.

The initial connection and authentication using admin seemed to work OK.

But I can't get it to authenticate the sales person/salesGroup.

I enter the salesID as the username and its password in the auth. dialog box

 

web.xml has 

 

<security-constraint>

<web-resource-collection>

<web-resource-name>Sales</web-resource-name>

<url-pattern>/jsp/SalesIndex.jsp</url-pattern>

</web-resource-collection>

<auth-constraint>

<role-name>SalesGroup</role-name>

</auth-constraint>

</security-constraint>

<login-config>

<auth-method>DIGEST</auth-method>

<realm-name>SID</realm-name>

</login-config>

<security-role>

<role-name>SalesGroup</role-name>

</security-role>

 

Thanks very much



---------------------------------
Do You Yahoo!?
Yahoo! Health - Feel better, live better

Reply via email to