Java Mailing List Archive

http://www.junlu.com/


LDAP authentication

Kim-Vân Ho-Dac

2007-07-30


Hi,

I'm getting started with Tomcat's Realm authentication with LDAP. I've
performed the following steps to authenticate users in my web application:

- put ldap.jar in $TOMCAT_HOME/common/lib

- modified $TOMCAT_HOME/conf/server.xml as follows:

<Realm  className="org.apache.catalina.realm.JNDIRealm" debug="99"
               connectionURL="ldap://my_url:389"
               userPattern="uid={0},ou=People,o=company"
               roleBase="ou=People,o=company"
               roleName="cn"
               roleSearch="(uniqueMember={0})"
               />
I've put this Realm configuration within the <Host> element.

- modified the web.xml of my web application to point it to the url.

Then when I try to authenticate I get a 403 error, so it seems like
authentication is OK but I don't have authorization to access the
resources.
Maybe the problem is because of the roles? Because I couldn't see the
roles on the LDAP server with an LDAP browser, although authentication on
it with the browser was successful, as well as the queries.
Is there a possibility to authenticate with no roles (I'm not sure what
to put within the <role-name> in web.xml; is this element mandatory)?
Or how can we see the roles in the LDAP browser?

Note: I'm using Tomcat 5.5.17 and OpenLDAP server.

Did I miss something in my process?
Any hints or suggestions are welcome.

Thanks.
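
The lookup that the realm attributes in the post describe, as an added example that is not part of the original post and is not Tomcat's code: it models how userPattern, roleBase, roleSearch and roleName combine, and why a successful bind with no matching role entry ends in 403 rather than 401. The directory contents, the group under ou=Groups, the role name "webusers" and the function names are constructed assumptions.

```python
# Added illustration: a model of the lookup the realm attributes describe,
# not Tomcat's implementation. Directory contents are constructed sample data.
USER_PATTERN = "uid={0},ou=People,o=company"   # from the post
ROLE_NAME = "cn"                               # from the post
ROLE_MEMBER_ATTR = "uniqueMember"              # from roleSearch="(uniqueMember={0})"

# Constructed directory (DN -> attributes). The group under ou=Groups and the
# role name "webusers" are assumptions, not values from the post.
DIRECTORY = {
    "uid=kim,ou=People,o=company": {"uid": ["kim"]},
    "cn=webusers,ou=Groups,o=company": {
        "cn": ["webusers"],
        "uniqueMember": ["uid=kim,ou=People,o=company"],
    },
}

def user_dn(username):
    """Build the bind DN the way userPattern does: {0} becomes the login name."""
    return USER_PATTERN.replace("{0}", username)

def find_roles(dn, role_base):
    """One-level search under role_base for entries listing dn as a member;
    the role names are the values of the roleName attribute of each match."""
    roles = []
    for entry_dn, attrs in DIRECTORY.items():
        parent = entry_dn.split(",", 1)[1]
        members = [m.lower() for m in attrs.get(ROLE_MEMBER_ATTR, [])]
        if parent.lower() == role_base.lower() and dn.lower() in members:
            roles.extend(attrs.get(ROLE_NAME, []))
    return roles

def access_status(username, bind_ok, role_base, required_role):
    """401: bind (authentication) failed. 403: bind succeeded but the user
    holds no role named in the web.xml <role-name>. 200: role matched."""
    if not bind_ok:
        return 401
    return 200 if required_role in find_roles(user_dn(username), role_base) else 403

if __name__ == "__main__":
    # roleBase as in the post: no group entries live there, so no roles.
    print(access_status("kim", True, "ou=People,o=company", "webusers"))
    # roleBase pointed at the container that holds the group entry.
    print(access_status("kim", True, "ou=Groups,o=company", "webusers"))
```
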
