JNDI Realm Help - (using iplanet)

Tue, 20 Aug 2002 10:23:19 -0700 

Hello,

I am trying to get TC (4.0.4) to establish a working JNDI realm using
iplanet's directory server.  I am using FORM based login and have this
working as a JDBC realm previously.

As you can see below, I would like to keep my users and roles in
ou=warnertruck,ou=truckcenter,dc=secristfamily,dc=com.  Iplanet sets up each
user with a role nsrole, and nsroledn.  I have tried switching the values
for roleName, and roleSearch, and since iplanet stores passwords using SHA,
I even threw on a digest="SHA" in the realm tag.  I have messed with this
for months now, and have searched the web extensivly for help.  Would
someone please tell me what I need to do to get this working?

If I can actually get this working, I will be most elated!

Randy Secrist

Below are my catalina.log, and server.xml...

2002-08-20 11:32:04 JNDIRealm[WarnerTruck]: Connecting to URL
ldap://myserver.com/
2002-08-20 11:32:26 JNDIRealm[WarnerTruck]: getUserDN(RSecrist)
2002-08-20 11:32:26 JNDIRealm[WarnerTruck]:
dn=uid=RSecrist,ou=warnertruck,ou=truckcenter,dc=secristfamily,dc=com
2002-08-20 11:32:26 JNDIRealm[WarnerTruck]:   retrieving attribute
userPassword
2002-08-20 11:32:26 JNDIRealm[WarnerTruck]:   retrieving value
2002-08-20 11:32:26 JNDIRealm[WarnerTruck]:   validating credentials
2002-08-20 11:32:26 JNDIRealm[WarnerTruck]: Username RSecrist NOT
successfully authenticated

----------------------------------------------------------------------------
-----------------------------------------------------

Here is my server.xml snippet:
<Realm   className="org.apache.catalina.realm.JNDIRealm" debug="99"
connectionName="cn=DirectoryManager" connectionPassword="pleaseWork"
connectionURL="ldap://myserver.com/";
roleBase="ou=warnertruck,ou=truckcenter,dc=secristfamily,dc=com"
roleName="nsroledn"
roleSearch="(cn={0},ou=warnertruck,ou=truckcenter,dc=secristfamily,dc=com)"
roleSubtree="false" userPassword="userPassword"
userPattern="uid={0},ou=warnertruck,ou=truckcenter,dc=secristfamily,dc=com"
/>

----------------------------------------------------------------------------
-----------------------------------------------------


--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Reply via email to