tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bjarni Þór Jónsson <>
Subject JNDIRealm & Active Directory: workaround for hasMore() causing ex ceptions
Date Thu, 18 Nov 2004 18:16:07 GMT

I'm using the org.apache.catalina.realm.JNDIRealm (included with Tomcat
5.0.28) against two Microsoft Active Directory servers with a different
setup of CNs and OUs.
For one of those Active Directory servers I'm unable to configure the Realm
in server.xml without getting PartialResultException: "Unprocessed
Continuation Reference(s); remaining name ''" - for the other server it
works fine.

I'm no expert on LDAP so my realm configuration might be wrong but I
couldn't see what was wrong with it so I made a workaround which may not be
desirable for all users of JNDIRealm but at least it works for me.

I always got this exception in the JNDIRealm.getUserBySearch method on the
second call to results.hasMore(), i.e. when checking whether the username
has multiple entries.
So my workaround was to put a try-catch block around that hasMore call.

That worked fine until I configured the Realm to get also the roles from
Active Directory and then I got the same exception, again on call to
results.hasMore() in the method JNDIRealm.getRoles.
Again I put a try-catch block around that hasMore call and everything worked

Later I found out that this could also be fixed by using hasMoreElements
instead of hasMore, either way, are these workarounds desirable for the
offical code?

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message