You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Graham Leggett <mi...@sharp.fm> on 2005/11/08 22:20:00 UTC

Config problem: AAA and LDAP

Hi all,

I have just created a simple webapp hosted with Tomcat v5.0.28, and I 
want to add container managed security against an LDAP server.

Following the Tomcat instructions for adding a realm against JNDI does 
not seem to have had any effect: Attempts to access the webapp are 
always successful, no username or password is asked for at all.

The realm is added within the <Context> tag, and is defined like this:

<Realm   className="org.apache.catalina.realm.JNDIRealm" debug="99"
     connectionURL="ldap://localhost:389"
     connectionName="cn=Mail,dc=yyy"
     connectionPassword="zzz"
     userPattern="uid={0},ou=People,ou=Testing,yyy"
     roleBase="ou=Groups,ou=Testing,yyy"
     roleName="cn"
     roleSearch="(uniqueMember={0})"
/>

The file jndi-ldap.jar was copied into the server/lib directory, and the 
logfile includes this single line about LDAP:

2005-11-08 22:41:58 JNDIRealm[/julia]: Connecting to URL 
ldap://localhost:389

I am using JDK v1.5.0_05 from Sun which I notice does not contain any 
specific jndi-ldap.jar file anywhere in the distro.

Does Tomcat v5.0.28 work with JDK v1.5?

Can anyone point out what I might be doing wrong? The instructions are 
pretty straightforward, but the AAA just "doesn't work", I am at a loss 
as to what is wrong.

Regards,
Graham
--

Re: Config problem: AAA and LDAP

Posted by PHIL CAVAZOS <PH...@salemhospital.org>.

what ldap server are you trying to connect to? Active Directory, eDirectory, or OpenLDAP

>>> minfrin@sharp.fm 11/8/2005 1:20:00 pm >>>
Hi all,

I have just created a simple webapp hosted with Tomcat v5.0.28, and I 
want to add container managed security against an LDAP server.

Following the Tomcat instructions for adding a realm against JNDI does 
not seem to have had any effect: Attempts to access the webapp are 
always successful, no username or password is asked for at all.

The realm is added within the <Context> tag, and is defined like this:

<Realm   className="org.apache.catalina.realm.JNDIRealm" debug="99"
     connectionURL="ldap://localhost:389"
     connectionName="cn=Mail,dc=yyy"
     connectionPassword="zzz"
     userPattern="uid={0},ou=People,ou=Testing,yyy"
     roleBase="ou=Groups,ou=Testing,yyy"
     roleName="cn"
     roleSearch="(uniqueMember={0})"
/>

The file jndi-ldap.jar was copied into the server/lib directory, and the 
logfile includes this single line about LDAP:

2005-11-08 22:41:58 JNDIRealm[/julia]: Connecting to URL 
ldap://localhost:389

I am using JDK v1.5.0_05 from Sun which I notice does not contain any 
specific jndi-ldap.jar file anywhere in the distro.

Does Tomcat v5.0.28 work with JDK v1.5?

Can anyone point out what I might be doing wrong? The instructions are 
pretty straightforward, but the AAA just "doesn't work", I am at a loss 
as to what is wrong.

Regards,
Graham
--


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org