You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Josh Fenlason <jf...@ptc.com> on 2002/06/19 16:04:26 UTC
JNDI Realm authentication
I'm still trying to get Tomcat4.1.3 to handle authentication, but it's not
working. It finds the user, but doesn't bind successfully. Does anyone
have any ideas on what I'm doing wrong? Does any one know where I can find
the source for com.sun.jndi.ldap.LdapCtx? Thanks in advance.
,
Josh.
server.xml:
<Realm className="org.apache.catalina.realm.JNDIRealm"
connectionURL="ldap://camaro.mn.ptc.com:389"
userSearch="(uid={0})"
userBase="ou=People,ou=jfenlason_r62DC,ou=jfenlason,l=Arden Hills,o=PTC"
userSubtree="true"
debug="99"/>
catalina_log:
2002-06-18 16:31:19 JNDIRealm[Standalone]: Searching for admin
2002-06-18 16:31:19 JNDIRealm[Standalone]: base:
ou=People,ou=jfenlason_r62DC,ou=jfenlason,l=Arden Hills,o=PTC filter:
(uid=admin)
2002-06-18 16:31:19 JNDIRealm[Standalone]: entry found for admin with dn
uid=admin,ou=People,ou=jfenlason_r62DC,ou=jfenlason,l=Arden Hills,o=PTC
2002-06-18 16:31:19 JNDIRealm[Standalone]: validating credentials by
binding as the user
2002-06-18 16:31:19 JNDIRealm[Standalone]: binding as
uid=admin,ou=People,ou=jfenlason_r62DC,ou=jfenlason,l=Arden Hills,o=PTC
2002-06-18 16:31:19 JNDIRealm[Standalone]: bind attempt failed
2002-06-18 16:31:19 JNDIRealm[Standalone]: Username admin NOT successfully
authenticated
[LDAP: error code 49 - Invalid Credentials]
javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid
Credentials]; remaining name ''
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2655)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2601)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2406)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2323)
at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2267)
at com.sun.jndi.ldap.LdapCtx.doSearch(LdapCtx.java:1677)
at com.sun.jndi.ldap.LdapCtx.doSearchOnce(LdapCtx.java:1670)
at com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1074)
at
com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(ComponentDirCon
text.java:216)
at
com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCom
positeDirContext.java:124)
at
com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCom
positeDirContext.java:112)
at
javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.jav
a:124)
at org.apache.catalina.realm.JNDIRealm.bindAsUser(JNDIRealm.java:996)
at
org.apache.catalina.realm.JNDIRealm.checkCredentials(JNDIRealm.java:903)
at org.apache.catalina.realm.JNDIRealm.authenticate(JNDIRealm.java:669)
at org.apache.catalina.realm.JNDIRealm.authenticate(JNDIRealm.java:615)
at
org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthe
nticator.java:161)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase
.java:502)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok
eNext(StandardPipeline.java:644)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:483)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2349)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:180
)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok
eNext(StandardPipeline.java:646)
at
org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.
java:170)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok
eNext(StandardPipeline.java:644)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:171
)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok
eNext(StandardPipeline.java:644)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:469)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok
eNext(StandardPipeline.java:644)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:483)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java
:174)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok
eNext(StandardPipeline.java:646)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:483)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.ajp.tomcat4.Ajp13Processor.process(Ajp13Processor.java:458)
at org.apache.ajp.tomcat4.Ajp13Processor.run(Ajp13Processor.java:551)
at java.lang.Thread.run(Thread.java:484)
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: JNDI Realm authentication
Posted by Josh Fenlason <jf...@ptc.com>.
Thanks.
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: JNDI Realm authentication
Posted by John Holman <j....@qmul.ac.uk>.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=9700
Josh Fenlason wrote:
>>By the way, note that there is a security problem with JNDIRealm in
>>4.1.x prior to 4.1.5.
>>
>>
>
>What kind of security problem would that be? Do you know where I could find
>more info on it? Thanks for your help.
>,
>Josh.
>
>
>--
>To unsubscribe, e-mail: <ma...@jakarta.apache.org>
>For additional commands, e-mail: <ma...@jakarta.apache.org>
>
>
>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: JNDI Realm authentication
Posted by Josh Fenlason <jf...@ptc.com>.
>By the way, note that there is a security problem with JNDIRealm in
>4.1.x prior to 4.1.5.
What kind of security problem would that be? Do you know where I could find
more info on it? Thanks for your help.
,
Josh.
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: JNDI Realm authentication
Posted by John Holman <j....@qmul.ac.uk>.
Josh Fenlason wrote:
>>>From the log it just looks as if the password is not correct (Invalid
>>Credentials). Where's the stack dump coming from?
>>
>>
>
>I added it to org.apache.catalina.realm.JNDIRealm.bindAsUser().
>
OK - that explains that! Apart from that it does look like a normal
authentication attempt with an incorrect password.
One thing you could try would be to set an administrator username and
password and check that the initial bind with those credentials
succeeds. In fact for test purposes you could set the admin username and
password to be the same as those for the user you are trying to
authenticate as. Also logs from the LDAP server might help.
> Do you know
>where I can find the source for com.sun.jndi.ldap.LdapCtx? Thanks.
>
Afraid not .
By the way, note that there is a security problem with JNDIRealm in
4.1.x prior to 4.1.5.
>,
>Josh.
>
>
>--
>To unsubscribe, e-mail: <ma...@jakarta.apache.org>
>For additional commands, e-mail: <ma...@jakarta.apache.org>
>
>
>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Native library cannot be loaded twice
Posted by Andreas Hirner <an...@projektinter.net>.
Hello,
I have a problem calling a native library within a servlet. The
library is initialised like that:
static {
try {
System.loadLibrary("mapscript");
System.err.println("libmapscript.so loaded");
}
catch (UnsatisfiedLinkError e) {
System.err.println("libmapscript.so not loaded: " + e);
}
}
Everything works fine. However, if I make changes to the servlet and
reload it via the
http://localhost:8080/manager/reload?path=/application
call, and ececute the servlet doing
http://localhost:8080/application/servlet/servletname
I get the following error message listed below. I have to restart
Tomcat in order to check any changes made to the servlet. Does anybody
know how to solve this problem?
Thank you in advance
Andy
################################################
Error Message
################################################
exception
javax.servlet.ServletException: Servlet execution threw an exception
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appli
cationFilterChain.java:269)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFi
lterChain.java:193)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperVa
lve.java:243)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.
java:566)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java
:472)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextVa
lve.java:201)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.
java:566)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java
:472)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
at
org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2
344)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.ja
va:164)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.
java:566)
at
org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcher
Valve.java:170)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.
java:564)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.ja
va:170)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.
java:564)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:4
62)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.
java:564)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java
:472)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValv
e.java:163)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.
java:566)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java
:472)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
at
org.apache.catalina.connector.http.HttpProcessor.process(HttpProcessor
.java:1011)
at
org.apache.catalina.connector.http.HttpProcessor.run(HttpProcessor.jav
a:1106)
at java.lang.Thread.run(Thread.java:484)
root cause
java.lang.UnsatisfiedLinkError: get_FTString
at edu.umn.gis.mapscript.mapscript.get_FTString(Native Method)
at edu.umn.gis.mapscript.mapscript.(mapscript.java:767)
at edu.umn.gis.mapscript.mapObj.(mapObj.java:227)
at demo.doGet(demo.java:75)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appli
cationFilterChain.java:247)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFi
lterChain.java:193)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperVa
lve.java:243)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.
java:566)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java
:472)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextVa
lve.java:201)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.
java:566)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java
:472)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
at
org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2
344)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.ja
va:164)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.
java:566)
at
org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcher
Valve.java:170)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.
java:564)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.ja
va:170)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.
java:564)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:4
62)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.
java:564)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java
:472)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValv
e.java:163)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.
java:566)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java
:472)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
at
org.apache.catalina.connector.http.HttpProcessor.process(HttpProcessor
.java:1011)
at
org.apache.catalina.connector.http.HttpProcessor.run(HttpProcessor.jav
a:1106)
at java.lang.Thread.run(Thread.java:484)
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: JNDI Realm authentication
Posted by Josh Fenlason <jf...@ptc.com>.
> From the log it just looks as if the password is not correct (Invalid
>Credentials). Where's the stack dump coming from?
I added it to org.apache.catalina.realm.JNDIRealm.bindAsUser(). Do you know
where I can find the source for com.sun.jndi.ldap.LdapCtx? Thanks.
,
Josh.
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: JNDI Realm authentication
Posted by John Holman <j....@qmul.ac.uk>.
From the log it just looks as if the password is not correct (Invalid
Credentials). Where's the stack dump coming from?
John.
Josh Fenlason wrote:
>I'm still trying to get Tomcat4.1.3 to handle authentication, but it's not
>working. It finds the user, but doesn't bind successfully. Does anyone
>have any ideas on what I'm doing wrong? Does any one know where I can find
>the source for com.sun.jndi.ldap.LdapCtx? Thanks in advance.
>,
>Josh.
>
>server.xml:
><Realm className="org.apache.catalina.realm.JNDIRealm"
> connectionURL="ldap://camaro.mn.ptc.com:389"
> userSearch="(uid={0})"
> userBase="ou=People,ou=jfenlason_r62DC,ou=jfenlason,l=Arden Hills,o=PTC"
> userSubtree="true"
> debug="99"/>
>
>catalina_log:
>2002-06-18 16:31:19 JNDIRealm[Standalone]: Searching for admin
>2002-06-18 16:31:19 JNDIRealm[Standalone]: base:
>ou=People,ou=jfenlason_r62DC,ou=jfenlason,l=Arden Hills,o=PTC filter:
>(uid=admin)
>2002-06-18 16:31:19 JNDIRealm[Standalone]: entry found for admin with dn
>uid=admin,ou=People,ou=jfenlason_r62DC,ou=jfenlason,l=Arden Hills,o=PTC
>2002-06-18 16:31:19 JNDIRealm[Standalone]: validating credentials by
>binding as the user
>2002-06-18 16:31:19 JNDIRealm[Standalone]: binding as
>uid=admin,ou=People,ou=jfenlason_r62DC,ou=jfenlason,l=Arden Hills,o=PTC
>2002-06-18 16:31:19 JNDIRealm[Standalone]: bind attempt failed
>2002-06-18 16:31:19 JNDIRealm[Standalone]: Username admin NOT successfully
>authenticated
>
>
>[LDAP: error code 49 - Invalid Credentials]
>javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid
>Credentials]; remaining name ''
> at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2655)
> at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2601)
> at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2406)
> at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2323)
> at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2267)
> at com.sun.jndi.ldap.LdapCtx.doSearch(LdapCtx.java:1677)
> at com.sun.jndi.ldap.LdapCtx.doSearchOnce(LdapCtx.java:1670)
> at com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1074)
> at
>com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(ComponentDirCon
>text.java:216)
> at
>com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCom
>positeDirContext.java:124)
> at
>com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCom
>positeDirContext.java:112)
> at
>javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.jav
>a:124)
> at org.apache.catalina.realm.JNDIRealm.bindAsUser(JNDIRealm.java:996)
> at
>org.apache.catalina.realm.JNDIRealm.checkCredentials(JNDIRealm.java:903)
> at org.apache.catalina.realm.JNDIRealm.authenticate(JNDIRealm.java:669)
> at org.apache.catalina.realm.JNDIRealm.authenticate(JNDIRealm.java:615)
> at
>org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthe
>nticator.java:161)
> at
>org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase
>.java:502)
> at
>org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok
>eNext(StandardPipeline.java:644)
> at
>org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:483)
> at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
> at
>org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2349)
> at
>org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:180
>)
> at
>org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok
>eNext(StandardPipeline.java:646)
> at
>org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.
>java:170)
> at
>org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok
>eNext(StandardPipeline.java:644)
> at
>org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:171
>)
> at
>org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok
>eNext(StandardPipeline.java:644)
> at
>org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:469)
> at
>org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok
>eNext(StandardPipeline.java:644)
> at
>org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:483)
> at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
> at
>org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java
>:174)
> at
>org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok
>eNext(StandardPipeline.java:646)
> at
>org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:483)
> at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
> at
>org.apache.ajp.tomcat4.Ajp13Processor.process(Ajp13Processor.java:458)
> at org.apache.ajp.tomcat4.Ajp13Processor.run(Ajp13Processor.java:551)
> at java.lang.Thread.run(Thread.java:484)
>
>
>--
>To unsubscribe, e-mail: <ma...@jakarta.apache.org>
>For additional commands, e-mail: <ma...@jakarta.apache.org>
>
>
>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>