tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From John Holman <>
Subject Re: JNDI Realm authentication
Date Wed, 19 Jun 2002 16:13:45 GMT
Josh Fenlason wrote:

>>>From the log it just looks as if the password is not correct (Invalid
>>Credentials). Where's the stack dump coming from?
>I added it to org.apache.catalina.realm.JNDIRealm.bindAsUser(). 
OK - that explains that! Apart from that it does look like a normal 
authentication attempt with an incorrect password.

One thing you could try would be to set an administrator username and 
password and check that the initial bind with those credentials 
succeeds. In fact for test purposes you could set the admin username and 
password to be the same as those for the user you are trying to 
authenticate as. Also logs from the LDAP server might help.

> Do you know
>where I can find the source for com.sun.jndi.ldap.LdapCtx?  Thanks.
Afraid not .

By the way, note that there is a security problem with JNDIRealm in 
4.1.x prior to 4.1.5.

>To unsubscribe, e-mail:   <>
>For additional commands, e-mail: <>

To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message