JNDIRealm source code - (was: Re: Tomcat vs Bea WebLogic) 2003-10-11 - By Davi Leal
Hi,
I am using tomcat 4.1.27, Java sdk-1.4.1_02 and JNDIRealm to use the Micro$oft Site Server service to authenticate our webapps.
I get an "error code 2" exception (Protocol Error) only when the user and the password are right. That is to say, when an OK is expected. I am thinking about modifying the JNDIRealm to support that Micro$oft returned 'code', instead of raising an exception. It looks easy :) . You can see the catalina log in question below.
Can you supply me any URL, CVS repository, or whatever which points me to the JNDI source code?
I have read that the JNDI API I must use is the one included in Java sdk 1.4.2.
Last question: Can we solve the 'M$ protocol' issue just using Tomcat 5.0?
Regards, Davi Leal

Tim Funk wrote:
> I have gotten JNDIRealm to work against iPlanet. I have heard others get it
> working against:
> - Active Directory (I personally had problems due to some IT policies)
> - Novell
> - OpenLDAP
>
> But in the worst case - the code is open for change so creating a custom
> Realm should be simple if one understands JNDI programming. Which is what I
> had to do with respect to ActiveDirectory and wacky business rules vs
> domain setup.
>
> -Tim
>
>
> David Diaz wrote:
> > Reference: http://www.weblogic.com/docs51/admindocs/ldap2.html#intro
> >
> > The WebLogic LDAP realm has been tested against the following LDAP
> > servers:
> > * OpenLDAP
> > * iPlanet Directory Server
> > * Microsoft Site Server
> >
> > I would like to get a similar Tomcat link to show to my boss.

APPENDIX
========

The catalina log
----------------

59 JNDIRealm[Standalone]: Connecting to URL ldap://host:1003

* Testing with a non-existent user:

44 JNDIRealm[Standalone]: lookupUser(davi)
44 JNDIRealm[Standalone]:   dn=cn=davi,ou=Members,o=tpi
44 JNDIRealm[Standalone]:   validating credentials by binding as the user
44 JNDIRealm[Standalone]:   binding as cn=davi,ou=Members,o=org
44 JNDIRealm[Standalone]:   bind attempt failed
44 JNDIRealm[Standalone]: Autentificación fallida para el usuario davi

* Testing with a user which is right, but using a wrong password:

36 JNDIRealm[Standalone]: lookupUser(ph32796)
36 JNDIRealm[Standalone]:   dn=cn=ph32796,ou=Members,o=org
36 JNDIRealm[Standalone]:   validating credentials by binding as the user
36 JNDIRealm[Standalone]:   binding as cn=ph32796,ou=Members,o=org
36 JNDIRealm[Standalone]:   bind attempt failed
36 JNDIRealm[Standalone]: Autentificación fallida para el usuario ph32796

* Testing with both user and password right:

09 JNDIRealm[Standalone]: lookupUser(phe2796)
09 JNDIRealm[Standalone]:   dn=cn=phe2796,ou=Members,o=org
09 JNDIRealm[Standalone]:   validating credentials by binding as the user
09 JNDIRealm[Standalone]:   binding as cn=phe2796,ou=Members,o=org
09 JNDIRealm[Standalone]: Excepción al realizar la autentificación
javax.naming.CommunicationException: [LDAP: error code 2 - Protocol Error]; remaining name ''
        at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2965)
        ...
09 JNDIRealm[Standalone]: Closing directory context

The realm we are using in server.xml
------------------------------------

<Realm className="org.apache.catalina.realm.JNDIRealm"
       debug="99"
       connectionName="cn=PHE2796,ou=Members,o=org"
       connectionPassword="****"
       connectionURL="ldap://host:1003"
       userPattern="cn={0},ou=Members,o=org"
       userSubtree="true"
       roleBase="ou=UserCFuncional,ou=CFuncional,ou=Groups,o=org"
       roleName="cn"
       roleSearch="(uniqueMember={0})" />
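
Added example, not part of the original post and not Tomcat's JNDIRealm source: a stand-alone bind-as-user check in Java that keeps the three outcomes seen in the log above apart (authenticated, credentials rejected, directory error) and fails closed on anything that is not a clean bind. The class name `BindCheck`, the `Outcome` enum and the command-line usage are hypothetical, and the code targets a current JDK rather than the 1.4 SDK mentioned in the post.

```java
import java.io.Console;
import java.util.Hashtable;
import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;

// Added example (hypothetical class, not Tomcat source).
public class BindCheck {
    enum Outcome { AUTHENTICATED, REJECTED, DIRECTORY_ERROR }

    static Outcome bindAs(String url, String userDn, String password) {
        // A simple bind with an empty password is an unauthenticated bind,
        // which many servers accept: never count that as a login.
        if (password == null || password.isEmpty()) {
            return Outcome.REJECTED;
        }
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, userDn);
        env.put(Context.SECURITY_CREDENTIALS, password);
        DirContext ctx = null;
        try {
            ctx = new InitialDirContext(env);  // connects and binds as userDn
            return Outcome.AUTHENTICATED;
        } catch (AuthenticationException e) {  // server rejected the credentials
            return Outcome.REJECTED;
        } catch (NamingException e) {          // includes CommunicationException,
            // the type raised for "error code 2" in the log above
            System.err.println("directory error for " + userDn + ": " + e);
            return Outcome.DIRECTORY_ERROR;    // fail closed, but report it apart
        } finally {
            if (ctx != null) {
                try { ctx.close(); } catch (NamingException ignored) { }
            }
        }
    }

    // Usage: java BindCheck ldap://host:1003 "cn=user,ou=Members,o=org"
    public static void main(String[] args) {
        Console console = System.console();
        if (args.length != 2 || console == null) {
            System.err.println("usage: java BindCheck <ldap-url> <user-dn> (interactive)");
            System.exit(2);
        }
        String password = new String(console.readPassword("Password: "));
        Outcome outcome = bindAs(args[0], args[1], password);
        System.out.println(outcome);
        System.exit(outcome == Outcome.AUTHENTICATED ? 0 : 1);
    }
}
```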