This was exactly my problem. I had not seen that I needed to do this while reviewing the documentation. With this help I was able to get everything working.
It looks like LDAP dynamic groups aren't currently supported by Tomcat. Does anyone have information that conflicts this? I ended up using a static group. ------------------- > Did you protect the resource that you're trying to access with a > security-constraint in your web.xml? > > Jon > > ----- Original Message ----- > From: "Douglas L Stewart" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Monday, September 23, 2002 11:31 AM > Subject: JNDIRealm and 4.1.10 with iPlanet > > > > I'm using Tomcat 4.1.10 trying to authenticate against iPlanet > > Directory Server 5.0. > > > > I've created a Realm inside of the Engine declaration: > > > > <Realm className="org.apache.catalina.realm.JNDIRealm" > > debug="999" > > connectionName="cn=Directory Manager" > > connectionPassword="mypassword" > > connectionURL="ldap://192.168.90.120:11592"; > > roleBase="dc=my-company,dc=com" > > roleName="uid" > > roleSearch="(uid={0})" > > roleSubtree="false" > > userPassword="userPassword" > > userPattern="uid={0}, ou=People, dc=my-company, > > dc=com" > > /> > > > > I'm getting this in the log when I start Tomcat: > > > > 2002-09-23 11:09:49 JNDIRealm[Standalone]: Connecting to URL > > ldap://192.168.90.120:11592 > > > > According to the documentation putting the Realm declaration in the > > Engine section should make it used globally, but when I try to view > > some of my servlets I see nothing in the log and I'm not prompted for > > a login, it just shows the page. > > > > What am I missing? > > > > -- > > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED]> > > > > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> > > > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
