I am trying to get tomcat talking to openLDAP. I can not get the user authenticated below I have listed the realm config, the ldif file. 1. can anyone see a problem with my config. I see the traffic on the openLDAP side and it is reading the userPassword attribute, the tomcat log has 2003-01-30 14:51:43 JNDIRealm[Standalone]: dn=cn=aadmin,ou=people,dc=acxiom,dc=com 2003-01-30 14:51:43 JNDIRealm[Standalone]: retrieving attribute userPassword 2003-01-30 14:51:43 JNDIRealm[Standalone]: retrieving value 2003-01-30 14:51:43 JNDIRealm[Standalone]: validating credentials 2003-01-30 14:51:43 JNDIRealm[Standalone]: Username aadmin NOT successfully authenticated
2. is there anyway to get more debug information from tomcat 3. is openLDAP base install set for SHA?? I have had this working with WLS connecting to the same openLDAP. Help [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> <Realm className="org.apache.catalina.realm.JNDIRealm" debug="99" connectionURL="ldap://10.85.42.223:389 <ldap://10.85.42.223:389> " connectionName="cn=Manager,dc=acxiom,dc=com" connectionPassword="secret" userPattern="cn={0},ou=people,dc=acxiom,dc=com" roleBase="ou=groups, dc=acxiom, dc=com" roleName="cn" roleSearch="(member={0})" roleSubtree="true" userPassword="userPassword" digest="SHA"/> openLDAP is the base install, no changes. The ldif file looks like: # people dn: ou=people, dc=acxiom, dc=com objectclass: organizationalUnit ou: people # adevelopment dn: cn=adevelopment, ou=people, dc=acxiom, dc=com objectclass: person cn: adevelopment sn: adevelopment userpassword: Please-change # adnsdk20 dn: cn=adnsdk20, ou=people, dc=acxiom, dc=com objectclass: top objectclass: person cn: adnsdk20 sn: adnsdk20 userpassword: Please-change # registration dn: cn=registration, ou=people, dc=acxiom, dc=com objectclass: person cn: registration sn: registration userpassword: Please-change # acustomerprod dn: cn=acustomerprod, ou=people, dc=acxiom, dc=com objectclass: person cn: acustomerprod sn: acustomerprod userpassword: Please-change # acustomertest dn: cn=acustomertest, ou=people, dc=acxiom, dc=com objectclass: person cn: acustomertest sn: acustomertest userpassword: Please-change # guest dn: cn=guest, ou=people, dc=acxiom, dc=com objectclass: person cn: guest sn: guest userpassword: Please-change # acustomer dn: cn=acustomer, ou=people, dc=acxiom, dc=com objectclass: person cn: acustomer sn: acustomer userpassword: Please-change # acustomerbeta dn: cn=acustomerbeta, ou=people, dc=acxiom, dc=com objectclass: person cn: acustomerbeta sn: acustomerbeta userpassword: Please-change # aadmin dn: cn=aadmin, ou=people, dc=acxiom, dc=com objectclass: person cn: aadmin sn: aadmin userpassword: Please-change # atest1 dn: cn=atest1, ou=people, dc=acxiom, dc=com objectclass: person cn: atest1 sn: atest1 userpassword: Please-change # End of File # groups dn: ou=groups, dc=acxiom, dc=com objectclass: top objectclass: organizationalUnit ou: groups # customerCampaignTestRulesJava dn: cn=customerCampaignTestRulesJava, ou=groups, dc=acxiom, dc=com objectclass: top objectclass: groupOfNames cn: customerCampaignTestRulesJava Member: cn=testr1, ou=people, dc=acxiom, dc=com Member: cn=acustomertest, ou=people, dc=acxiom, dc=com Member: cn=adnsdk20, ou=people, dc=acxiom, dc=com # MAINT_SERVLET dn: cn=MAINT_SERVLET, ou=groups, dc=acxiom, dc=com objectclass: top objectclass: groupOfNames cn: MAINT_SERVLET Member: cn=admin, ou=groups, dc=acxiom, dc=com # AUDIT_REPORT_SERVLET dn: cn=AUDIT_REPORT_SERVLET, ou=groups, dc=acxiom, dc=com objectclass: top objectclass: groupOfNames cn: AUDIT_REPORT_SERVLET Member: cn=customerBeta, ou=groups, dc=acxiom, dc=com Member: cn=customerProduction, ou=groups, dc=acxiom, dc=com Member: cn=customerTest, ou=groups, dc=acxiom, dc=com # customerProduction dn: cn=customerProduction, ou=groups, dc=acxiom, dc=com objectclass: top objectclass: groupOfNames cn: customerProduction Member: cn=acustomerprod, ou=people, dc=acxiom, dc=com # S4EE_DEMO_SERVLET dn: cn=S4EE_DEMO_SERVLET, ou=groups, dc=acxiom, dc=com objectclass: top objectclass: groupOfNames cn: S4EE_DEMO_SERVLET Member: cn=customer, ou=groups, dc=acxiom, dc=com # SESSION_MANAGER_EJB dn: cn=SESSION_MANAGER_EJB, ou=groups, dc=acxiom, dc=com objectclass: top objectclass: groupOfNames cn: SESSION_MANAGER_EJB Member: cn=customer, ou=groups, dc=acxiom, dc=com # XML_GEN_SERVLET dn: cn=XML_GEN_SERVLET, ou=groups, dc=acxiom, dc=com objectclass: top objectclass: groupOfNames cn: XML_GEN_SERVLET Member: cn=customerBeta, ou=groups, dc=acxiom, dc=com Member: cn=customerTest, ou=groups, dc=acxiom, dc=com # developmentSupport dn: cn=developmentSupport, ou=groups, dc=acxiom, dc=com objectclass: top objectclass: groupOfNames cn: developmentSupport Member: cn=adevelopment, ou=people, dc=acxiom, dc=com # customer dn: cn=customer, ou=groups, dc=acxiom, dc=com objectclass: top objectclass: groupOfNames cn: customer Member: cn=customerBeta, ou=groups, dc=acxiom, dc=com Member: cn=customerTest, ou=groups, dc=acxiom, dc=com Member: cn=customerProduction, ou=groups, dc=acxiom, dc=com # ADMINISTRATIVE_SERVLET dn: cn=ADMINISTRATIVE_SERVLET, ou=groups, dc=acxiom, dc=com objectclass: top objectclass: groupOfNames cn: ADMINISTRATIVE_SERVLET Member: cn=admin, ou=groups, dc=acxiom, dc=com # customerTest dn: cn=customerTest, ou=groups, dc=acxiom, dc=com objectclass: top objectclass: groupOfNames cn: customerTest Member: cn=acustomertest, ou=people, dc=acxiom, dc=com Member: cn=adnsdk20, ou=people, dc=acxiom, dc=com # HTTP_GATEWAY_SERVLET dn: cn=HTTP_GATEWAY_SERVLET, ou=groups, dc=acxiom, dc=com objectclass: top objectclass: groupOfNames cn: HTTP_GATEWAY_SERVLET Member: cn=customerBeta, ou=groups, dc=acxiom, dc=com Member: cn=customerTest, ou=groups, dc=acxiom, dc=com Member: cn=customerProduction, ou=groups, dc=acxiom, dc=com # customerMarketingProfileII dn: cn=customerMarketingProfileII, ou=groups, dc=acxiom, dc=com objectclass: top objectclass: groupOfNames cn: customerMarketingProfileII Member: cn=acustomertest, ou=people, dc=acxiom, dc=com Member: cn=adnsdk20, ou=people, dc=acxiom, dc=com # admin dn: cn=admin, ou=groups, dc=acxiom, dc=com objectclass: top objectclass: groupOfNames cn: admin Member: cn=aadmin, ou=people, dc=acxiom, dc=com # customerBeta dn: cn=customerBeta, ou=groups, dc=acxiom, dc=com objectclass: top objectclass: groupOfNames cn: customerBeta Member: cn=acustomerbeta, ou=people, dc=acxiom, dc=com # everyone dn: cn=everyone, ou=groups, dc=acxiom, dc=com objectclass: top objectclass: groupOfNames cn: everyone Member: cn=system, ou=people, dc=acxiom, dc=com Member: cn=adevelopment, ou=people, dc=acxiom, dc=com Member: cn=adnsdk20, ou=people, dc=acxiom, dc=com Member: cn=registration, ou=people, dc=acxiom, dc=com Member: cn=acustomerprod, ou=people, dc=acxiom, dc=com Member: cn=acustomertest, ou=people, dc=acxiom, dc=com Member: cn=guest, ou=people, dc=acxiom, dc=com Member: cn=acustomer, ou=people, dc=acxiom, dc=com Member: cn=acustomerbeta, ou=people, dc=acxiom, dc=com Member: cn=aadmin, ou=people, dc=acxiom, dc=com # HTTP_GATEWAY_TEST_SERVLET dn: cn=HTTP_GATEWAY_TEST_SERVLET, ou=groups, dc=acxiom, dc=com objectclass: top objectclass: groupOfNames cn: HTTP_GATEWAY_TEST_SERVLET Member: cn=admin, ou=groups, dc=acxiom, dc=com # End of File ********************************************************************* The information contained in this communication is confidential, is intended only for the use of the recipient named above, and may be legally privileged. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, please re-send this communication to the sender and delete the original message or any copy of it from your computer system. Thank You.
