tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 9703] New: - Two extra authentications occur for each JNDIRealm authentication
Date Fri, 07 Jun 2002 20:18:19 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=9703>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=9703

Two extra authentications occur for each JNDIRealm authentication

           Summary: Two extra authentications occur for each JNDIRealm
                    authentication
           Product: Tomcat 4
           Version: 4.1.3
          Platform: Other
        OS/Version: Other
            Status: NEW
          Severity: Normal
          Priority: Other
         Component: Catalina
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: jemiller@uchicago.edu


I'm using JNDIRealm with the following setup.

<Realm className="org.apache.catalina.realm.JNDIRealm"
	debug="99"
	connectionName="cn=Directory Manager"
	connectionPassword="mypassword"
	connectionURL="ldap://myldapserver"
	roleBase="ou=roles, dc=mydomain"
	roleName="cn"
	roleSearch="(uniqueMember={0})"
	roleSubtree="false"
	userPattern="uid={0}, ou=People, dc=mydomain"/>

As you can see, I have it setup so that it authenticates the user by binding 
to the directory as them rather than querying for a password attribute. I 
found that for every authentication (i.e. everytime I access a protected page) 
it authenticates two extra times.

The following is what gets written to the log for iPlanet Directory Server 5.1 
during one authentication. As you can see, it does the same thing three times 
instead of only once.

I tested this with OpenLDAP as well and the behavior was the same.

[07/Jun/2002:15:03:01 -0500] conn=14 op=0 BIND dn="cn=Directory Manager" 
method=128 version=3
[07/Jun/2002:15:03:01 -0500] conn=14 op=0 RESULT err=0 tag=97 nentries=0 
etime=0 dn="cn=directory manager"
[07/Jun/2002:15:03:33 -0500] conn=14 op=1 BIND dn="uid=jemiller, ou=People, 
dc=mydomain" method=128 version=3
[07/Jun/2002:15:03:33 -0500] conn=14 op=1 RESULT err=0 tag=97 nentries=0 
etime=0 dn="uid=jemiller,ou=people,dc=mydomain"
[07/Jun/2002:15:03:33 -0500] conn=14 op=2 SRCH base="" scope=0 
filter="(objectClass=*)" attrs=ALL
[07/Jun/2002:15:03:33 -0500] conn=14 op=2 RESULT err=0 tag=101 nentries=1 
etime=0
[07/Jun/2002:15:03:33 -0500] conn=14 op=3 BIND dn="cn=Directory Manager" 
method=128 version=3
[07/Jun/2002:15:03:33 -0500] conn=14 op=3 RESULT err=0 tag=97 nentries=0 
etime=0 dn="cn=directory manager"
[07/Jun/2002:15:03:33 -0500] conn=14 op=4 SRCH base="ou=roles, dc=mydomain" 
scope=1 filter="(uniqueMember=uid=jemiller, ou=People, dc=mydomain)" attrs="cn"
[07/Jun/2002:15:03:33 -0500] conn=14 op=4 RESULT err=0 tag=101 nentries=1 
etime=0

[07/Jun/2002:15:03:33 -0500] conn=14 op=5 BIND dn="uid=jemiller, ou=People, 
dc=mydomain" method=128 version=3
[07/Jun/2002:15:03:33 -0500] conn=14 op=5 RESULT err=0 tag=97 nentries=0 
etime=0 dn="uid=jemiller,ou=people,dc=mydomain"
[07/Jun/2002:15:03:33 -0500] conn=14 op=6 SRCH base="" scope=0 
filter="(objectClass=*)" attrs=ALL
[07/Jun/2002:15:03:33 -0500] conn=14 op=6 RESULT err=0 tag=101 nentries=1 
etime=0
[07/Jun/2002:15:03:33 -0500] conn=14 op=7 BIND dn="cn=Directory Manager" 
method=128 version=3
[07/Jun/2002:15:03:33 -0500] conn=14 op=7 RESULT err=0 tag=97 nentries=0 
etime=0 dn="cn=directory manager"
[07/Jun/2002:15:03:33 -0500] conn=14 op=8 SRCH base="ou=roles, dc=mydomain" 
scope=1 filter="(uniqueMember=uid=jemiller, ou=People, dc=mydomain)" attrs="cn"
[07/Jun/2002:15:03:33 -0500] conn=14 op=8 RESULT err=0 tag=101 nentries=1 
etime=0

[07/Jun/2002:15:03:33 -0500] conn=14 op=9 BIND dn="uid=jemiller, ou=People, 
dc=mydomain" method=128 version=3
[07/Jun/2002:15:03:33 -0500] conn=14 op=9 RESULT err=0 tag=97 nentries=0 
etime=0 dn="uid=jemiller,ou=people,dc=mydomain"
[07/Jun/2002:15:03:33 -0500] conn=14 op=10 SRCH base="" scope=0 
filter="(objectClass=*)" attrs=ALL
[07/Jun/2002:15:03:33 -0500] conn=14 op=10 RESULT err=0 tag=101 nentries=1 
etime=0
[07/Jun/2002:15:03:33 -0500] conn=14 op=11 BIND dn="cn=Directory Manager" 
method=128 version=3
[07/Jun/2002:15:03:33 -0500] conn=14 op=11 RESULT err=0 tag=97 nentries=0 
etime=0 dn="cn=directory manager"
[07/Jun/2002:15:03:33 -0500] conn=14 op=12 SRCH base="ou=roles, dc=mydomain" 
scope=1 filter="(uniqueMember=uid=jemiller, ou=People, dc=mydomain)" attrs="cn"
[07/Jun/2002:15:03:33 -0500] conn=14 op=12 RESULT err=0 tag=101 nentries=1 
etime=0

--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message