You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2003/08/08 05:32:14 UTC
DO NOT REPLY [Bug 22236] New: -
JNDI Realm authentication to Novell eDirectory via LDAP
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=22236>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=22236
JNDI Realm authentication to Novell eDirectory via LDAP
Summary: JNDI Realm authentication to Novell eDirectory via LDAP
Product: Tomcat 4
Version: 4.1.27
Platform: PC
OS/Version: Windows NT/2K
Status: NEW
Severity: Major
Priority: Other
Component: Catalina
AssignedTo: tomcat-dev@jakarta.apache.org
ReportedBy: blanchard@medinst.com
I am trying to setup JNDI authentication for the Administrator and Manager
pages to learn how to use the JNDI Realm. But if debug is enabled (I have it
set to 99 to be really verbose) I am getting a java null pointer exception.
Looking at the JNDIRealm.java file it appears it is barfing in a debug
statement.
Below is how I did it...
I created a JNDI Realm in the server.xml file.
<Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"
connectionURL="ldap://192.168.1.23:389"
connectionName="cn=adminx,ou=zpar,o=med"
connectionPassword="zparpwd"
userPattern="cn={0},ou=zpar,o=med"
roleBase="ou=zpar,o=med"
roleName="cn"
roleSearch="(uniqueMember={0})"
/>
I Created an admin user to authenticate the ldap directory named:
cn=adminx,ou=zpar,o=med
I created a test user
cn=test,ou=zpar,o=med
I created two groups
cn=admin,ou=zpar,o=med and
cn=manager,ou=zpar,o=med.
I added the test user to both groups.
I then launched my browser and tried to access the Adminstrator page. When the
login page appears, I enter the information for my test user, and I never get
the admin page, but...
This is an excerpt from my ldap trace on my netware server:
DoBind on connection 0xc9206aa0
DoBind: name = 'cn=adminx,ou=zpar,o=med', client version = 3, method = 0x80
Sending operation result 0:"":"" to connection 0xc9206aa0
DoSearch on connection 0xc9206aa0
Search request:
base: "ou=zpar,o=med"
scope:1 derefence:3 sizelimit:0 timelimit:0 attrsonly:0
filter: "(uniqueMember=cn=test,ou=zpar,o=med)"
attribute: "cn"
Sending search result entry "cn=manager,ou=zpar,o=med" to connection 0xc9206aa0
Sending search result entry "cn=admin,ou=zpar,o=med" to connection 0xc9206aa0
Sending operation result 0:"":"" to connection 0xc9206aa0
This is an excerpt from my catalina log file (catalina_log.2003-08-07.txt):
2003-08-07 22:23:16 JNDIRealm[Standalone]: lookupUser(test)
2003-08-07 22:23:16 JNDIRealm[Standalone]: dn=cn=test,ou=zpar,o=med
2003-08-07 22:23:16 JNDIRealm[Standalone]: validating credentials by binding
as the user
2003-08-07 22:23:16 JNDIRealm[Standalone]: binding as cn=test,ou=zpar,o=med
2003-08-07 22:23:16 JNDIRealm[Standalone]: Username test successfully
authenticated
2003-08-07 22:23:16 JNDIRealm[Standalone]: getRoles(cn=test,ou=zpar,o=med)
2003-08-07 22:23:16 JNDIRealm[Standalone]: Searching role
base 'ou=zpar,o=med' for attribute 'cn'
2003-08-07 22:23:16 JNDIRealm[Standalone]: With filter
expression '(uniqueMember=cn=test,ou=zpar,o=med)'
2003-08-07 22:23:16 JNDIRealm[Standalone]: retrieving values for attribute cn
2003-08-07 22:23:16 JNDIRealm[Standalone]: retrieving values for attribute cn
2003-08-07 22:23:16 CoyoteAdapter An exception or error occurred in the
container during the request processing
java.lang.NullPointerException
at org.apache.catalina.realm.JNDIRealm.getRoles(JNDIRealm.java:1282)
at org.apache.catalina.realm.JNDIRealm.authenticate(JNDIRealm.java:871)
at org.apache.catalina.realm.JNDIRealm.authenticate(JNDIRealm.java:788)
at org.apache.catalina.authenticator.FormAuthenticator.authenticate
(FormAuthenticator.java:263)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke
(AuthenticatorBase.java:481)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNex
t(StandardPipeline.java:641)
at org.apache.catalina.core.StandardPipeline.invoke
(StandardPipeline.java:480)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at org.apache.catalina.core.StandardContext.invoke
(StandardContext.java:2416)
at org.apache.catalina.core.StandardHostValve.invoke
(StandardHostValve.java:180)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNex
t(StandardPipeline.java:643)
at org.apache.catalina.valves.ErrorDispatcherValve.invoke
(ErrorDispatcherValve.java:171)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNex
t(StandardPipeline.java:641)
at org.apache.catalina.valves.ErrorReportValve.invoke
(ErrorReportValve.java:172)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNex
t(StandardPipeline.java:641)
at org.apache.catalina.core.StandardPipeline.invoke
(StandardPipeline.java:480)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at org.apache.catalina.core.StandardEngineValve.invoke
(StandardEngineValve.java:174)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNex
t(StandardPipeline.java:643)
at org.apache.catalina.core.StandardPipeline.invoke
(StandardPipeline.java:480)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at org.apache.coyote.tomcat4.CoyoteAdapter.service
(CoyoteAdapter.java:223)
at org.apache.coyote.http11.Http11Processor.process
(Http11Processor.java:601)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnectio
n(Http11Protocol.java:392)
at org.apache.tomcat.util.net.TcpWorkerThread.runIt
(PoolTcpEndpoint.java:565)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run
(ThreadPool.java:619)
at java.lang.Thread.run(Thread.java:536)
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org