 | Mailing List | | Home | | Forum Home | | JBoss - Java Application Server | | Struts - A MVC web framework | | Tomcat - JSP/Servlet container | | iText - An open source PDF Java Library | | JDOM - JDOM XML Parser | | J2EE - A mailing list for Java(tm) 2 Platform, Enterprise Edition | | J2EE Pattern - An interest list for Sun Java Center J2EE Pattern Catalog | | Servlet - A mailing list for discussion about Sun Microsystem's Java Servlet API Technology | | JSP - A mailing list about Java Server Pages specification and reference | |
Struts & Hibernate
|
|
|
| | Re: ActiveDirectory not following referrals when using
JNDIRealm | Re: ActiveDirectory not following referrals when using
JNDIRealm 2003-06-06 - By Bradley M. Handy
Back
I figured it out. The credentials I was using the creation of the
InitialDirContext didn't have enough permissions (for some weird
reason). I got it to work when I used a different account.
Brad Handy
At 11:28 AM 6/6/2003, you wrote:
>I'm using Tomcat 4.1.24 (win32) and I have my JNDIRealm configured like so:
>
><Realm className="org.apache.catalina.realm.JNDIRealm  "
> debug="5"
> referrals="follow"
> connectionURL="ldap://vader.arbor.edu"
> alternateURL="ldap://bsod.arbor.edu"
> userBase="dc=arbor,dc�u"
> userSearch="(&(objectClass=user) (cn={0}))"
> roleBase="dc=arbor,dc�u"
> roleName="cn"
> roleSearch="(&(objectClass=group) (member={0}))"
> connectionName="< distinguished name >"
> connectionPassword="< password >"
> roleSubtree="true"
> userSubtree="true" />
>
>And I'm getting the following PartialResultException:
>
>2003-06-06 10:25:12 JNDIRealm[Standalone]: Exception performing authentication
>javax.naming.PartialResultException Root exception is
>javax.naming.AuthenticationException : [LDAP: error code 49 - 80090308:
>LdapErr: DSID-0 (See http://SID-0.ora-code.com)C09030B, comment: AcceptSecurityContext error, data 532, v893�]
> at
> com.sun.jndi.ldap.LdapReferralContext.<init>(LdapReferralContext.java:74)
> at
> com.sun.jndi.ldap.LdapReferralException.getReferralContext
(LdapReferralException.java:132)
> at
> com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreReferrals
(LdapNamingEnumeration.java:334)
> at
> com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImpl(LdapNamingEnumeration
.java:207)
> at
> com.sun.jndi.ldap.LdapNamingEnumeration.hasMore(LdapNamingEnumeration.java
:170)
> at
> org.apache.catalina.realm.JNDIRealm (JNDIRealm.java:1036)
> at org.apache.catalina.realm.JNDIRealm (JNDIRealm.java:913)
> at
> org.apache.catalina.realm.JNDIRealm (JNDIRealm.java:862)
> at
> org.apache.catalina.realm.JNDIRealm (JNDIRealm.java:788)
> at
> org.apache.catalina.authenticator.BasicAuthenticator
(BasicAuthenticator.java:161)
> at
> org.apache.catalina.authenticator.AuthenticatorBase (AuthenticatorBase
.java:526)
> at
> org.apache.catalina.core.StandardPipeline $StandardPipelineValveContext
.invokeNext(StandardPipeline.java:641)
> at
> org.apache.catalina.core.StandardPipeline (StandardPipeline.java:480)
> at
> org.apache.catalina.core.ContainerBase (ContainerBase.java:995)
> at
> org.apache.catalina.core.StandardContext (StandardContext.java:2415)
> at
> org.apache.catalina.core.StandardHostValve (StandardHostValve.java:180)
> at
> org.apache.catalina.core.StandardPipeline $StandardPipelineValveContext
.invokeNext(StandardPipeline.java:643)
> at
> org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve
.java:171)
> at
> org.apache.catalina.core.StandardPipeline $StandardPipelineValveContext
.invokeNext(StandardPipeline.java:641)
> at
> org.apache.catalina.valves.ErrorReportValve (ErrorReportValve.java:172)
> at
> org.apache.catalina.core.StandardPipeline $StandardPipelineValveContext
.invokeNext(StandardPipeline.java:641)
> at
> org.apache.catalina.valves.AccessLogValve (AccessLogValve.java:509)
> at
> org.apache.catalina.core.StandardPipeline $StandardPipelineValveContext
.invokeNext(StandardPipeline.java:641)
> at
> org.apache.catalina.authenticator.SingleSignOn (SingleSignOn.java:376)
> at
> org.apache.catalina.core.StandardPipeline $StandardPipelineValveContext
.invokeNext(StandardPipeline.java:641)
> at
> org.apache.catalina.core.StandardPipeline (StandardPipeline.java:480)
> at
> org.apache.catalina.core.ContainerBase (ContainerBase.java:995)
> at
> org.apache.catalina.core.StandardEngineValve (StandardEngineValve.java
:174)
> at
> org.apache.catalina.core.StandardPipeline $StandardPipelineValveContext
.invokeNext(StandardPipeline.java:643)
> at
> org.apache.catalina.core.StandardPipeline (StandardPipeline.java:480)
> at
> org.apache.catalina.core.ContainerBase (ContainerBase.java:995)
> at
> org.apache.coyote.tomcat4.CoyoteAdapter (CoyoteAdapter.java:223)
> at
> org.apache.jk.server.JkCoyoteHandler (JkCoyoteHandler.java:261)
> at
> org.apache.jk.common.HandlerRequest (HandlerRequest.java:360)
> at org.apache.jk.common.ChannelSocket (ChannelSocket.java:604)
> at
> org.apache.jk.common.ChannelSocket (ChannelSocket.java:562)
> at
> org.apache.jk.common.SocketConnection.runIt(ChannelSocket.java:679)
> at
> org.apache.tomcat.util.threads.ThreadPool $ControlRunnable.run(ThreadPool.java
:619)
> at java.lang.Thread (Thread.java:536)
>
>Can anyone tell where I'm going wrong? This configuration works fine in
>4.1.18, but not in 4.1.24. (It works in 4.1.18, because I implemented the
>patch that I submitted to Tomcat for the alternateURL stuff.)
>
>Brad Handy
>
>
>-- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ------
>To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
>For additional commands, e-mail: tomcat-user-help@(protected)
-- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ------
To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
For additional commands, e-mail: tomcat-user-help@(protected)
|
|
|
