Urgent -- Need help configuring JNDI realm

Tue, 13 Sep 2011 11:20:58 -0700 

Hi,

I need help in configuring the JNDI Realm to connect to LDAP Server and
authenticate users. Here are the details:

CN=<AUTH>,OU=XYZ,OU=Application
Managed,OU=Groups,DC=rma,DC=corp,DC=ABC,DC=com - *AUTH is the group in which
i have to search if the user is a member of or not. All the members in this
group are defined in OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com*
**
This group has members who are defined in
CN=<User>,OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com

*I have set my JNDIRealm tag in server.xml as follows:*
<Realm className="org.apache.catalina.realm.JNDIRealm"
connectionName="CN=123,OU=Serv-Accts,OU=PAS,OU=Resrc,DC=rma,DC=corp,DC=ABC,DC=com"

connectionPassword="pwd"
connectionURL="ldap://<hostname:port" debug="99"
*roleBase*="OU=XYZ,OU=Application
Managed,OU=Groups,DC=rma,DC=corp,DC=ABC,DC=com"
*roleSubtree*="true"
*roleName*="cn"
*roleSearch*="CN=<AUTH>,OU=XYZ,OU=Application
Managed,OU=Groups,DC=rma,DC=corp,DC=ABC,DC=com"
*userBase*="OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com"
*userSubtree*="true"
*userPattern*="CN={0},OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com"/>


*The web.xml is as follows:*
**
   <security-constraint>
   <display-name>Security Constraint</display-name>
   <web-resource-collection>
      <web-resource-name>Protected Area</web-resource-name>
      <!-- Define the context-relative URL(s) to be protected -->
      <url-pattern>/*</url-pattern>
      <!-- If you list http methods, only those methods are protected -->
   </web-resource-collection>
   <auth-constraint>
      <!-- Anyone with one of the listed roles may access this area -->
      <role-name>*AUTH*</role-name>
   </auth-constraint>
</security-constraint>
<!-- Default login configuration uses form-based authentication -->
<login-config>
   <auth-method>FORM</auth-method>
   <realm-name>Form-Based Authentication Area</realm-name>
     <form-login-config>
     <form-login-page>/Login.jsp</form-login-page>

     <form-error-page>/error.jsp</form-error-page>
   </form-login-config>
</login-config>
<!-- Security roles referenced by this web application -->
<security-role>
   <role-name>*AUTH*</role-name>
</security-role>


Any help is appreciated.

Thanks,
Savitha

Reply via email to