The JndiLdapRealm is working for me. I would open up your debugger and put a breakpoint in JndiLdapRealm, line 295 and see what happens. If the context is not opened successfully due to incorrect login credentials, a Shiro AuthenticationException will be thrown. If this exception is not thrown, then your LDAP server connection is allowing the BIND operation for the specified credentials.
Also, when you set up the contextFactory bean, I would use the explicit bean properties where possible, e.g.: <bean id="contextFactory" class="org.apache.shiro.realm.ldap.JndiLdapContextFactory"> <property name="url" value="ldap://server:port"; /> </bean> What does your debugger show you when line 295 is executed? Regards, -- Les Hazlewood Founder, Katasoft, Inc. Application Security Products & Professional Apache Shiro Support and Training: http://www.katasoft.com
