tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tim Funk <>
Subject Re: JNDI Realm Help - (using iplanet)
Date Tue, 20 Aug 2002 18:04:49 GMT
IPlanet with SHA does not work together in 4.0.4. The password coming 
back from iPlanet is compared incorrectly with respect to digesting the 
user provided password.

You have 3 alternatives:
1) Hack JNDIRealm (Attached is one I did and am using until upgrading to 
2) Use 4.1.X and bind as the user
3) Use JNDIRealm from the 4.1.X tree and bind as the user


Randy Secrist wrote:
> Hello,
> I am trying to get TC (4.0.4) to establish a working JNDI realm using
> iplanet's directory server.  I am using FORM based login and have this
> working as a JDBC realm previously.
> As you can see below, I would like to keep my users and roles in
> ou=warnertruck,ou=truckcenter,dc=secristfamily,dc=com.  Iplanet sets up each
> user with a role nsrole, and nsroledn.  I have tried switching the values
> for roleName, and roleSearch, and since iplanet stores passwords using SHA,
> I even threw on a digest="SHA" in the realm tag.  I have messed with this
> for months now, and have searched the web extensivly for help.  Would
> someone please tell me what I need to do to get this working?
> If I can actually get this working, I will be most elated!
> Randy Secrist

View raw message