Java Mailing List Archive

http://www.junlu.com/

Home » Home (12/2007) » Tomcat Users »

Re: What LDAP servers does JNDI realm support? -

Equipment Lamp

2003-10-09

Replies:

Hi

Can youguys give some input on the following. I am using the following

Tomcat: 4.1.27-LE-jdk14
Apache: 2.0.47
Java : 1.4.2
Linux OS: 7.3
iPlanet LDAP Server

I am trying to configure LDAP authentication mechanism to my application.

1) In this regard i have downloaded the latest JNDI API and then copied the ldap.jar file to $CATALINA_HOME/server/lib directory.

2) The i have added the following entry to the server.xml file.

    <Realm className="org.apache.catalina.realm.JNDIRealm"
         connectionURL="ldap://ldap.mycompany.com:389"
         userBase="ou=active,ou=employees,ou=people,o=mycompany.com"
         userSearch="(uid={0})"
         roleSearch="(uniqueMember={0})"
         roleName="cn"
         debug="99"
         contextFactory="com.sun.jndi.ldap.LdapCtxFactory"
         />

3) In my application "web.xml" file i have added the following

 <security-constraint>
  <web-resource-collection>
   <web-resource-name>Nrt</web-resource-name>
   <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
   <role-name>*</role-name>
  </auth-constraint>
  </security-constraint>
  <login-config>
  <auth-method>BASIC</auth-method>
  <realm-name>CEC</realm-name>
  </login-config>


But authentication is not working, any debug techniques or methods will be a great help.

Thanks

jerome moliere <jmoliere@(protected):
Davi Leal wrote:

>jerome moliere wrote:
>
>
>>> I am trying to authenticate my webapps via a JNDI Realm, which connects
>>>to Microsoft Site Server (LDAP).
>>>
>>>
>>:(
>>
>>
>
>
>
>>> As I am getting [LDAP: error code 2 - Protocol Error] (See below), I
>>>would like to know if that Micro$oft product is a certified LDAP server.
>>>
>>>
>>as fai as i Know, like any other microsoft product, partially... :)
>>
>>
>
>I have been told the LDAP protocol is no-100% a standard. That is to say, a
>lot of providers have realized different offers, which share only 90% of the
>specification (the core standard).
>
>Nowdays, it is said, the Netscape's one being the more recognised/compatible/
>standard.
>
>So, my question is now: What LDAP products does the JNDI Tomcat realm support?
>
>
No problem with OpenLDAP ('from my experience), NDS or Sun
implementations seem to work nicely.
For microsoft active directory is quite a LDAP server, but you can't use
the referral paradigm

HTH
Jerome



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
For additional commands, e-mail: tomcat-user-help@(protected)



---------------------------------
Do you Yahoo!?
The New Yahoo! Shopping - with improved product search
©2008 junlu.com - Jax Systems, LLC, U.S.A.