tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tim Funk <funk...@joedog.org>
Subject Re: JNDI Realm Help - (using iplanet)
Date Tue, 20 Aug 2002 18:04:49 GMT
IPlanet with SHA does not work together in 4.0.4. The password coming 
back from iPlanet is compared incorrectly with respect to digesting the 
user provided password.

You have 3 alternatives:
1) Hack JNDIRealm (Attached is one I did and am using until upgrading to 
4.1.X)
2) Use 4.1.X and bind as the user
3) Use JNDIRealm from the 4.1.X tree and bind as the user

-Tim

Randy Secrist wrote:
> Hello,
> 
> I am trying to get TC (4.0.4) to establish a working JNDI realm using
> iplanet's directory server.  I am using FORM based login and have this
> working as a JDBC realm previously.
> 
> As you can see below, I would like to keep my users and roles in
> ou=warnertruck,ou=truckcenter,dc=secristfamily,dc=com.  Iplanet sets up each
> user with a role nsrole, and nsroledn.  I have tried switching the values
> for roleName, and roleSearch, and since iplanet stores passwords using SHA,
> I even threw on a digest="SHA" in the realm tag.  I have messed with this
> for months now, and have searched the web extensivly for help.  Would
> someone please tell me what I need to do to get this working?
> 
> If I can actually get this working, I will be most elated!
> 
> Randy Secrist
>  

Mime
View raw message