Help with Active directory authentication in tomcat 5

Google

Mailing List

Home

Forum Home

JBoss - Java Application Server

Struts - A MVC web framework

Tomcat - JSP/Servlet container

iText - An open source PDF Java Library

JDOM - JDOM XML Parser

J2EE - A mailing list for Java(tm) 2 Platform, Enterprise Edition

J2EE Pattern - An interest list for Sun Java Center J2EE Pattern Catalog

Servlet - A mailing list for discussion about Sun Microsystem's Java Servlet API Technology

JSP - A mailing list about Java Server Pages specification and reference

Struts & Hibernate

Subjects

•	JSP editor plugin for eclipse ?
•	org apache jasper JasperException: Unable to compile class for JSP
•	Tomcat: Connection reset by peer: socket write error
•	Cannot retrieve definition for form bean null
•	Struts Tiles Tutorial (free Struts training)
•	Where do I download Tomcat 4 0 6?
•	Data Access Object (DAO) pattern, example DAO 's
•	Where to download Tomcat v 4 1 24 from?
•	Tomcat 5 0 16 Requested resource not available
•	Oracle Connection Pooling in 3 2 2
•	Servlet : Session invalidate
•	Servlet action is currently unavailable
•	Tomcat/Struts Unicode Encoding/Decoding problems
•	Tomcat and webapplication specific java library path
•	Running a Simple JMS Example
•	Mapping in workers2 properties
•	org apache jasper JasperException
•	Cannot find message resources under key org apache struts action MESSAGE
•	problem with html:text bean throwing exception
•	Cannot find message resources under key org apache struts action MESSAGE
•	invalid direct reference problem with solution
•	Tool for jsp debug Try Sysdeo Eclipse Plugin
•	Tomcat 5 Cannot load JDBC driver class 'null ' SQL state: null
•	weblogic ejbc
•	java properties file
•	Jboss 3 2 3 Coyote Can 't re
•	Tomcat 5, Apache2 and mod jk2 integration problem
•	JBoss example problem new to J2EE
•	url string for connecting jboss to oracle
•	Value attribute of <html:checkbox
•	javax servlet ServletException: BeanUtils populate
•	HTTP Status 404 The requested resource is not available
•	5 0 18: Windows XP Pro vs Windows 2000

Help with Active directory authentication in tomcat 5

Help with Active directory authentication in tomcat 5

2004-02-04 - By Paul Gier

Back
I am trying to authenticate web users against an active directory
instance, but for some reason the configuration that worked in tomcat 4.1
is not working in tomcat 5.0.18

Here is the message that I get from the realm authentication with
debugging turned on:

2004-02-04 16:10:20 JNDIRealm[/lts/corp]: Searching for corp
2004-02-04 16:10:20 JNDIRealm[/lts/corp]: base:
CN=Users,DC=development,DC=com filter:
(userPrincipalName=corp@(protected))
2004-02-04 16:10:20 JNDIRealm[/lts/corp]: entry found for corp with dn
CN=corp,CN=Users,DC=development,DC=com
2004-02-04 16:10:20 JNDIRealm[/lts/corp]: retrieving values for
attribute member
2004-02-04 16:10:20 JNDIRealm[/lts/corp]: validating credentials by
binding as the user
2004-02-04 16:10:20 JNDIRealm[/lts/corp]: binding as
CN=corp,CN=Users,DC=development,DC=com
2004-02-04 16:10:20 JNDIRealm[/lts/corp]: Username corp successfully
authenticated
2004-02-04 16:10:20 JNDIRealm[/lts/corp]:
getRoles(CN=corp,CN=Users,DC=development,DC=com)
2004-02-04 16:10:20 JNDIRealm[/lts/corp]: Searching role base
'CN=Users,DC=development,DC=com' for attribute 'cn'
2004-02-04 16:10:20 JNDIRealm[/lts/corp]: With filter expression
'\28member=CN=corp,CN=Users,DC=development,DC=com\29'
2004-02-04 16:10:20 JNDIRealm[/lts/corp]: Returning 0 roles

It appears to successfully authenticate the user, but does not find the
roles. In tomcat 4.1 I get very similar information, but it returns 1
role which is the correct behavior. I also noticed that instead of "("
and ")" the log is showing "\28" and "\29". Is this part of the problem?
Here is the server.xml excerpt that I am using:

<Realm className="org.apache.catalina.realm.JNDIRealm

Source code of org.apache.catalina.realm.JNDIRealm

"
debug="99"
connectionURL="ldap://dev:389"
userBase="cn=users,dc=development,dc=com"
userSearch="(userPrincipalName={0}@(protected))"
userRoleName="member"
roleBase="cn=users,DC=development,DC=com"
roleName="cn"
roleSearch="(member={0})"
connectionName="CN=user,CN=users,DC=development,DC=com"
connectionPassword="pass"
roleSubtree="true"
userSubtree="true" />

The same realm configuration seems to work fine for tomcat 4.1 but can't
find the roles in 5.0.18.
Can anyone help me?

Thanks!!