- - (y...@yahoo.com)

Profile | Posts (1)

User Information

Display Name:

- -

Partial Email Address:

y...@yahoo.com

Posts:

1	total
1	in tomcat-user@jakarta.apache.org

1 Most Recent Post

1) - - JNDIRealm config

+1 vote

hi This looks long but it's actually straightforward. I can't get the JNDIRealm config to work...

tomcat-user@jakarta.apache.org

[ Profile | Reply to group ]

[ Flat Thread Threaded ]

hi 

This looks long but it's actually straightforward.

I can't get the JNDIRealm config to work Netscape Directory Server 3.1.

I suspect the conf. of the JNDIRealm elment is wrong but don't know why. 

I have a LDIF file exported from Netscape Directory Server 3.1 which define(loosely speaking)

- an admin user that I use in JNDIRealm for initial connection

- a sales person

- a SalesGroup role which has sales person as a member

Other stuff removed for clarity.

dn: uid=admin,o=company.com

objectclass: top

objectclass: person

objectclass: organizationalperson

objectclass: inetorgperson

cn: SuiteSpot Administrator

sn: Administrator

givenname: SuiteSpot

uid: admin

userpassword: {SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=

dn: uid=salesID,o=company.com

objectclass: top

objectclass: person

objectclass: organizationalPerson

objectclass: inetOrgPerson

objectclass: nsLicenseUser

givenname: salesFir

sn: salesSur

cn: salesFul

uid: salesID

userpassword: {SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=

dn: cn=SalesGroup,o=company.com

objectclass: top

objectclass: groupOfUniqueNames

cn: SalesGroup

uniquemember: uid=salesID,o=company.com

So my JNDIRealm config is,

<Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"

connectionName="uid=admin,o=company.com"

connectionPassword="password"

connectionURL="ldap://localhost:390"

roleName="cn"

roleSearch="(uniquemember={0})"

roleSubtree="true"

userPassword="userpassword"

userPattern="uid={0},o=company.com"

/>

I have tried many combinations of patterns and attributes in the above configuration but none worked.

The initial connection and authentication using admin seemed to work OK.

But I can't get it to authenticate the sales person/salesGroup.

I enter the salesID as the username and its password in the auth. dialog box

web.xml has 

<security-constraint>

<web-resource-collection>

<web-resource-name>Sales</web-resource-name>

<url-pattern>/jsp/SalesIndex.jsp</url-pattern>

</web-resource-collection>

<auth-constraint>

<role-name>SalesGroup</role-name>

</auth-constraint>

</security-constraint>

<login-config>

<auth-method>DIGEST</auth-method>

<realm-name>SID</realm-name>

</login-config>

<security-role>

<role-name>SalesGroup</role-name>

</security-role>

Thanks very much

---------------------------------
Do You Yahoo!?
Yahoo! Health - Feel better, live better
X-JEM-Mbox-From: From tomcat-user-return-27118-qmlist-jakarta-archive-tomcat-user=jakarta.apache.org@jakarta.apache.org Tue Jul 23 02:07:09 2002
X-JEM-Version: 1.1

Highlight

Profile | Posts (1)

Home > People > - -