JNDIRealm config

View Post

- - JNDIRealm config

+1 vote

[ Flat Thread Threaded ]

hi 

This looks long but it's actually straightforward.

I can't get the JNDIRealm config to work Netscape Directory Server 3.1.

I suspect the conf. of the JNDIRealm elment is wrong but don't know why. 

I have a LDIF file exported from Netscape Directory Server 3.1 which define(loosely speaking)

- an admin user that I use in JNDIRealm for initial connection

- a sales person

- a SalesGroup role which has sales person as a member

Other stuff removed for clarity.

dn: uid=admin,o=company.com

objectclass: top

objectclass: person

objectclass: organizationalperson

objectclass: inetorgperson

cn: SuiteSpot Administrator

sn: Administrator

givenname: SuiteSpot

uid: admin

userpassword: {SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=

dn: uid=salesID,o=company.com

objectclass: top

objectclass: person

objectclass: organizationalPerson

objectclass: inetOrgPerson

objectclass: nsLicenseUser

givenname: salesFir

sn: salesSur

cn: salesFul

uid: salesID

userpassword: {SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=

dn: cn=SalesGroup,o=company.com

objectclass: top

objectclass: groupOfUniqueNames

cn: SalesGroup

uniquemember: uid=salesID,o=company.com

So my JNDIRealm config is,

<Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"

connectionName="uid=admin,o=company.com"

connectionPassword="password"

connectionURL="ldap://localhost:390"

roleName="cn"

roleSearch="(uniquemember={0})"

roleSubtree="true"

userPassword="userpassword"

userPattern="uid={0},o=company.com"

/>

I have tried many combinations of patterns and attributes in the above configuration but none worked.

The initial connection and authentication using admin seemed to work OK.

But I can't get it to authenticate the sales person/salesGroup.

I enter the salesID as the username and its password in the auth. dialog box

web.xml has 

<security-constraint>

<web-resource-collection>

<web-resource-name>Sales</web-resource-name>

<url-pattern>/jsp/SalesIndex.jsp</url-pattern>

</web-resource-collection>

<auth-constraint>

<role-name>SalesGroup</role-name>

</auth-constraint>

</security-constraint>

<login-config>

<auth-method>DIGEST</auth-method>

<realm-name>SID</realm-name>

</login-config>

<security-role>

<role-name>SalesGroup</role-name>

</security-role>

Thanks very much

---------------------------------
Do You Yahoo!?
Yahoo! Health - Feel better, live better
X-JEM-Mbox-From: From tomcat-user-return-27118-qmlist-jakarta-archive-tomcat-user=jakarta.apache.org@jakarta.apache.org Tue Jul 23 02:07:09 2002
X-JEM-Version: 1.1

Thread : JNDIRealm config

- - hi This looks long but it's actually straightforward. I can't get the JNDIRealm config to work...

Tim Funk To use JNDIRealm with Netscape Directory server you need the 4.1.X series of tomcat and you need to...

John Holman Actually it's userPassword that should not be provided if you want JNDIRealm to bind as the user...

Highlight

View Post

Flat Thread Threaded | Next >

Home > Groups > tomcat-user@jakarta.apache.org > JNDIRealm config (3 posts) > View Post