Posted to users@tomcat.apache.org by Kim-Vân Ho-Dac <kh...@optaros.com> on 2007/07/30 18:08:33 UTC

LDAP authentication

Hi,

I'm getting started with Tomcat's Realm authentication with LDAP. I've 
performed the following steps to authenticate users in my web application:

- put ldap.jar in $TOMCAT_HOME/common/lib

- modified $TOMCAT_HOME/conf/server.xml as follows:

<Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"
       connectionURL="ldap://my_url:389"
       userPattern="uid={0},ou=People,o=company"
       roleBase="ou=People,o=company"
       roleName="cn"
       roleSearch="(uniqueMember={0})"
       />

I've put this Realm configuration within the <Host> element.

- modified the web.xml of my web application to point it to the URL.

Then when I try to authenticate I get a 403 error, so it seems like 
authentication is OK but I don't have authorization for accessing the 
resources.
Maybe the problem is because of the roles? Because I couldn't see the 
roles on the LDAP server with an LDAP browser, although authentication on 
it with the browser is successful, as well as the queries.
Is there a possibility to authenticate with no roles (I'm not sure what 
to put within the <role-name> in web.xml, is this element mandatory?)? 
Or how can we see the roles in the LDAP browser?

Note: I'm using Tomcat 5.5.17 and OpenLDAP server.

Did I miss something in my process?
Any hints or suggestions are welcome.

Thanks.
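
Added example, not part of the original post and not Tomcat code: a simplified Python model of how JNDIRealm uses the posted userPattern, roleBase, roleName and roleSearch values, showing one way a successful bind can still end in a 403. The directory contents, the user jdoe, the group cn=webusers under ou=Groups and the required role name are constructed assumptions.

```python
# Simplified model of JNDIRealm role resolution using the posted attributes.
# All directory entries below are constructed sample data, not from the post.
USER_PATTERN = "uid={0},ou=People,o=company"   # userPattern from the post
ROLE_MEMBER_ATTR = "uniqueMember"              # from roleSearch="(uniqueMember={0})"
ROLE_NAME_ATTR = "cn"                          # roleName from the post

DIRECTORY = {  # DN -> attributes (hypothetical entries)
    "uid=jdoe,ou=People,o=company": {"uid": ["jdoe"], "userPassword": ["secret"]},
    "cn=webusers,ou=Groups,o=company": {
        "cn": ["webusers"],
        "uniqueMember": ["uid=jdoe,ou=People,o=company"],
    },
}

def parent_dn(dn):
    # Naive split; adequate for the sample DNs, which contain no escaped commas.
    return dn.split(",", 1)[1] if "," in dn else ""

def resolve_roles(username, role_base):
    """Roles = roleName values of entries directly under roleBase whose
    member attribute equals the user's DN ({0} in roleSearch is the DN)."""
    user_dn = USER_PATTERN.replace("{0}", username)
    roles = set()
    for dn, attrs in DIRECTORY.items():
        # roleSubtree defaults to false, so only one level below roleBase is searched.
        if parent_dn(dn).lower() != role_base.lower():
            continue
        if user_dn in attrs.get(ROLE_MEMBER_ATTR, []):
            roles.update(attrs.get(ROLE_NAME_ATTR, []))
    return roles

def http_status(username, password, role_base, required_roles):
    """401 if the bind fails, 403 if bound but no required role, else 200."""
    user_dn = USER_PATTERN.replace("{0}", username)
    entry = DIRECTORY.get(user_dn)
    # Stand-in for an LDAP bind as the user's DN.
    if entry is None or password not in entry.get("userPassword", []):
        return 401
    if not resolve_roles(username, role_base) & set(required_roles):
        return 403
    return 200

if __name__ == "__main__":
    # roleBase as posted: no entry under ou=People lists the user as uniqueMember.
    print(http_status("jdoe", "secret", "ou=People,o=company", ["webusers"]))
    # roleBase pointing at the (assumed) container that holds group entries.
    print(http_status("jdoe", "secret", "ou=Groups,o=company", ["webusers"]))
```

In this model the <role-name> in web.xml has to equal a cn value returned by the role search; an empty role set produces 403 even though the bind succeeded.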
