You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Steve Ingraham <si...@okcca.net> on 2007/04/09 17:32:04 UTC
assistance with logon error
We have a MySQL database backend that is accessed through our website
using Apache Tomcat that was set up before I came on board here. I am
just familiar enough with this setup to be dangerous.
Our problem is that whenever our users attempt to logon to the database
this morning they get this error message:
org.keel.services.authentication.mad.LoginHelper: singraham:Unable to
access LDAP server at occadb Reason: occadb:389
I am sure that my actions last Friday have contributed to this problem
but I need some help on tracking down where I can fix this problem. On
Friday I demoted an old Windows 2000 Advanced Server from serving as a
Domain Controller for our domain. I have a Windows 2003 server that was
also serving as DC along with the now demoted server. I have been
informed by the web application developer that this has caused this
failure as he believes there was a line of code that was pointing to
this old DC to acquire the logon information. However, he cannot recall
where this file is or what it was called. I have been informed that
there is a line in one of the configuration files for our website that
needs to direct to the new DC for our domain and that once that line is
changed to redirect to the new DC we will be able to logon.
I have been searching for any configuration files in our web application
that would have the specific line directing to the "now incorrect" DC.
Can anyone provide me with information on where this configuration file
may reside? What its name, location, path could be? Is there a
standard location in a Tomcat environment where this type of
configuration file may be?
The web application is running on Apache Tomcat 5.5.15 on a Redhat AS 3
server.
Thanks in advance for any assistance.
Steve
RE: assistance with logon error
Posted by Steve Ingraham <si...@okcca.net>.
> -----Original Message-----
> From: Hassan Schroeder [mailto:hassan.schroeder@gmail.com]
> Sent: Monday, April 09, 2007 2:01 PM
> To: Tomcat Users List
> Subject: Re: assistance with logon error
>
>
> On 4/9/07, Steve Ingraham <si...@okcca.net> wrote:
>
> > Yes, that is true. I am looking in every file I can find
> for the name
> > (it is 'occadb' by the way) for that server.
>
> > find -type f -print0 | xargs -r0 grep -F 'occadb'
>
> Given the case-insensitive nature of Windows, you might make
> that grep -iF in case it's in some file as OCCADB. :-)
The '-iF' change returned nothing either.
> Worst case, you'll have to dig into the source...
I have been looking through file after file all day now for any content
that would refer the authentication to any server. I am finding
nothing. Can you tell me what the lines of code might be written like
for authentication of user logons? I am getting cross eyed looking at
code that I really don't understand very well and am seeing nothing that
would make me believe there is something in it that is using the Windows
authentication for logon.
Any help is greatly appreciated. This error has really shut down our
office work today and I am striking out big time on getting it
functional.
Thanks,
Steve
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: assistance with logon error
Posted by Hassan Schroeder <ha...@gmail.com>.
On 4/9/07, Steve Ingraham <si...@okcca.net> wrote:
> Yes, that is true. I am looking in every file I can find for the name
> (it is 'occadb' by the way) for that server.
> find -type f -print0 | xargs -r0 grep -F 'occadb'
Given the case-insensitive nature of Windows, you might make that
grep -iF in case it's in some file as OCCADB. :-)
Worst case, you'll have to dig into the source...
--
Hassan Schroeder ------------------------ hassan.schroeder@gmail.com
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: assistance with logon error
Posted by Steve Ingraham <si...@okcca.net>.
> -----Original Message-----
> From: Hassan Schroeder [mailto:hassan.schroeder@gmail.com]
> Sent: Monday, April 09, 2007 1:23 PM
> To: Tomcat Users List
> Subject: Re: assistance with logon error
>
>
> On 4/9/07, Steve Ingraham <si...@okcca.net> wrote:
>
> > There are at least 4 or 5 different "web.xml" files in various
> > locations on this server. I have looked through most all
> of them to
> > this point. Is there something specific in the content of
> the file I
> > should be looking for that would be directing the
> application to use
> > the specific server DC for authentication?
>
> See below --
>
> > But if I do not know what I am looking for to 'find' or
> 'grep' how can
> > I use these?
>
> I know zero about Windows Domain Controllers, but surely
> there's a way to uniquely identify one -- name, IP,
> something. So you'd think that that would have to be in the
> config file, eh? :-)
Yes, that is true. I am looking in every file I can find for the name
(it is 'occadb' by the way) for that server. Another administrator
advised me to use this command on the Linux server where the webapps
reside:
find -type f -print0 | xargs -r0 grep -F 'occadb'
It returned nothing.
I am still searching with no success.
Steve
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: assistance with logon error
Posted by Hassan Schroeder <ha...@gmail.com>.
On 4/9/07, Steve Ingraham <si...@okcca.net> wrote:
> There are at least 4 or 5 different "web.xml" files in various locations
> on this server. I have looked through most all of them to this point.
> Is there something specific in the content of the file I should be
> looking for that would be directing the application to use the specific
> server DC for authentication?
See below --
> But if I do not know what I am looking for to 'find' or 'grep' how can I
> use these?
I know zero about Windows Domain Controllers, but surely there's
a way to uniquely identify one -- name, IP, something. So you'd think
that that would have to be in the config file, eh? :-)
--
Hassan Schroeder ------------------------ hassan.schroeder@gmail.com
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: assistance with logon error
Posted by Steve Ingraham <si...@okcca.net>.
> -----Original Message-----
> From: Hassan Schroeder [mailto:hassan.schroeder@gmail.com]
> Sent: Monday, April 09, 2007 12:02 PM
> To: Tomcat Users List
> Subject: Re: assistance with logon error
>
>
> On 4/9/07, Steve Ingraham <si...@okcca.net> wrote:
>
> > I have been searching for any configuration files in our web
> > application that would have the specific line directing to the "now
> > incorrect" DC. Can anyone provide me with information on where this
> > configuration file may reside? What its name, location, path could
> > be? Is there a standard location in a Tomcat environment
> where this
> > type of configuration file may be?
>
> Chances are it's either in an XML file -- /WEB-INF/web.xml
> would be the first place to look -- or in a "properties"
> file, typically found under /WEB-INF/classes/ as e.g., foo.properties.
There are at least 4 or 5 different "web.xml" files in various locations
on this server. I have looked through most all of them to this point.
Is there something specific in the content of the file I should be
looking for that would be directing the application to use the specific
server DC for authentication?
>
> But I would think `find` and `grep` would be your friends here :-)
But if I do not know what I am looking for to 'find' or 'grep' how can I
use these?
Thanks for your help on this.
Steve
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: assistance with logon error
Posted by Hassan Schroeder <ha...@gmail.com>.
On 4/9/07, Steve Ingraham <si...@okcca.net> wrote:
> I have been searching for any configuration files in our web application
> that would have the specific line directing to the "now incorrect" DC.
> Can anyone provide me with information on where this configuration file
> may reside? What its name, location, path could be? Is there a
> standard location in a Tomcat environment where this type of
> configuration file may be?
Chances are it's either in an XML file -- /WEB-INF/web.xml would be
the first place to look -- or in a "properties" file, typically found under
/WEB-INF/classes/ as e.g., foo.properties.
But I would think `find` and `grep` would be your friends here :-)
HTH,
--
Hassan Schroeder ------------------------ hassan.schroeder@gmail.com
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: assistance with logon error
Posted by Steve Ingraham <si...@okcca.net>.
> -----Original Message-----
> From: Rashmi Rubdi [mailto:rashmi.sub@gmail.com]
> Sent: Monday, April 09, 2007 3:04 PM
> To: Tomcat Users List
> Subject: Re: assistance with logon error
>
>
> But wait, the error you have is referring to this package:
> org.keel.services.authentication.mad.* which doesn't seem to
> exist on their API site anymore.
>
> You could also check with Keel's mailing list, may be they
> can help you locate the configuration information:
>
> http://www.keelframework.org/mail-list.shtml
>
Ok, I have subscribed to that mail-list. That makes, lets see, the
Tomcat, Struts, Netbeans and now the Keel mail-list for web
applications. Not to mention the qmail, qmailtoaster, spamassassin,
BIND DNS, SPF and YUM lists. I wonder what other list I will end up
subscribing to next.
Thanks for the information everyone has provided here. Anyone please
feel free to add anything further that you might think of. In the
meantime I will see if I can find any further insight from the Keel
folks.
Steve
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: assistance with logon error
Posted by Rashmi Rubdi <ra...@gmail.com>.
But wait, the error you have is referring to this package:
org.keel.services.authentication.mad.* which doesn't seem to exist on
their API site anymore.
You could also check with Keel's mailing list, may be they can help you locate
the configuration information:
http://www.keelframework.org/mail-list.shtml
-Rashmi
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: assistance with logon error
Posted by Rashmi Rubdi <ra...@gmail.com>.
On 4/9/07, Steve Ingraham <si...@okcca.net> wrote:
> org.keel.services.authentication.mad.LoginHelper: singraham:Unable to
> access LDAP server at occadb Reason: occadb:389
It could be possible that the login credentials are hard-coded in a
Java file, instead of reading them from a properties file.
Upon looking at the LoginHelper here:
http://www.keelframework.org/release/HEAD/javadoc/org/keel/services/authentication/config/LoginHelper.html
You could check if there is a Java class in your application that
calls this method:
attemptLogin(java.lang.String domain, java.lang.String loginName,
java.lang.String providedPassword, java.lang.String passwordSeq,
ServiceManager manager)
That Java Class should have the domain etc.
-Rashmi
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org