i'm pretty sure the j_username is the logical attribute name for the uid. the container manages the internals of the authentication. is this what you meant?
i wouldn't consider myself any sort of authority on the j_* attributes, i just tried them and they worked. i suspect that this is the root of my problem, so if nayone knows of a decent source of info about them i'd appreciate it. > I haven't tried to set up an LDAP authenticator in Tomcat, but shouldn't > you have to specify the attribute name for the uid? You've specified > the pattern for the search DN, but I would assume you'd have to specify > "uid" separately somewhere. > > > -----Original Message----- > > From: Maurice Coyle - Sun Microsystems Ireland > [mailto:[EMAIL PROTECTED] > > Sent: Tuesday, July 01, 2003 10:07 AM > > To: [EMAIL PROTECTED] > > Subject: RE: FORM-based ldap authentication problem > > > > by all means. there's 4 basic steps to this: > > > > 1. in server.xml paste the following (replace <YOUR-SERVER> with the > url > > of the > > ldap server and you'll probably have to change the userBase bit too) > to > > tell > > tomcat where to go to authenticate: > > > > <Realm className="org.apache.catalina.realm.JNDIRealm" > debug="99" > > connectionURL="ldap://<YOUR-SERVER>:389" > > userBase="ou=people,dc=sun,dc=com" > > userSearch="uid={0}"/> > > > > > > > > 2. in web.xml, right at the end paste the following (add <url-pattern> > > tags for > > whicever other types of files you want protected): > > > > <security-constraint> > > <web-resource-collection> > > <web-resource-name>tracker</web-resource-name> > > <url-pattern>*.jsp</url-pattern> > > <http-method>GET</http-method> > > <http-method>POST</http-method> > > </web-resource-collection> > > <auth-constraint> > > <!-- <role-name>std</role-name> --> > > <role-name>*</role-name> > > </auth-constraint> > > </security-constraint> > > > > <login-config> > > <auth-method>FORM</auth-method> > > <realm-name>ldapRealm</realm-name> > > <form-login-config> > > <form-login-page>/login.jsp</form-login-page> > > <form-error-page>/login_error.jsp</form-error-page> > > </form-login-config> > > </login-config> > > > > 3. create login.jsp and login_error.jsp and put them in the web-app's > > document > > root > > > > login.jsp must include the form with the j_* fields as in the skeleton > > form > > below: > > > > <form action="j_security_check" method="POST"> > > LDAP Authentication<BR> > > > > <strong>Enter UserId</strong><br> > > <input type="text" name="j_username" size="22"> > > > > <strong>Enter Password</strong><br> > > <input type="password" name="j_password" size="22"> > > > > <input type="submit" name="Submit" value="Submit"> > > </form> > > > > login_error.jsp can be as simple as: > > > > <html> > > <body> > > The system was not able to log you in.<br> > > <form> > > <input type="button" onclick="history.go(-1)" value="Retry"/> > > </form> > > </body> > > </html> > > > > 4. when you've successfully logged in, to get the name of the user > who's > > logged > > in, use String user = request.getRemoteUser(); > > > > > > hope this helps, > > maurice > > > > > > > Mailing-List: contact [EMAIL PROTECTED]; run by > ezmlm > > > List-Unsubscribe: > <mailto:[EMAIL PROTECTED]> > > > List-Subscribe: <mailto:[EMAIL PROTECTED]> > > > List-Help: <mailto:[EMAIL PROTECTED]> > > > List-Post: <mailto:[EMAIL PROTECTED]> > > > List-Id: "Tomcat Users List" <tomcat-user.jakarta.apache.org> > > > Delivered-To: mailing list [EMAIL PROTECTED] > > > X-MimeOLE: Produced By Microsoft Exchange V6.0.6375.0 > > > content-class: urn:content-classes:message > > > Subject: RE: FORM-based ldap authentication problem > > > Date: Tue, 1 Jul 2003 12:52:46 -0400 > > > X-MS-Has-Attach: > > > X-MS-TNEF-Correlator: > > > Thread-Topic: FORM-based ldap authentication problem > > > Thread-Index: AcM/8O7x+q8RZHTaQ5mM0xzRg5mCtAAACyJA > > > From: "Pitre, Russell" <[EMAIL PROTECTED]> > > > To: "Tomcat Users List" <[EMAIL PROTECTED]>, "Maurice > Coyle > > - Sun > > Microsystems Ireland" <[EMAIL PROTECTED]> > > > X-OriginalArrivalTime: 01 Jul 2003 16:52:46.0869 (UTC) > > FILETIME=[32D05C50:01C33FF1] > > > X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N > > > Content-Transfer-Encoding: 8bit > > > X-MIME-Autoconverted: from quoted-printable to 8bit by > > dub-mail1.Ireland.Sun.COM id h61GrEh10906 > > > > > > I've been trying to get form-based ldap authentication > working....but no > > > luck.....do you think > > > i could see some sample code? > > > > > > > > > > > > Russ > > > > > > -----Original Message----- > > > From: Maurice Coyle - Sun Microsystems Ireland > [mailto:[EMAIL PROTECTED] > > > Sent: Tuesday, July 01, 2003 12:50 PM > > > To: [EMAIL PROTECTED] > > > Subject: FORM-based ldap authentication problem > > > > > > > > > hi all, > > > i've implemented form-based ldap authentication on my tomcat server. > it > > > works > > > fine in general but from time to time when i enter my ldap username > and > > > password, i get a blank page with j_security_check in the location > > > field. if i > > > reload the page, i get the login_error.jsp page and upon reloading > the > > > page one > > > further time, i am logged in successfully. > > > > > > this is the exact sequence whenever there is a problem with the > > > authentication, > > > i can reload the page 3 times and i get accepted. > > > > > > does anyone have a clue what's the cause and if there's a solution? > > > > > > appreciate any help, > > > maurice > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
