tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Karr, David" <David.K...@wamu.net>
Subject RE: FORM-based ldap authentication problem
Date Tue, 01 Jul 2003 22:43:25 GMT
No, I don't mean the request parameter name in the form, I mean the LDAP
attribute name.

Nevertheless, after looking over the Tomcat documentation, this probably
isn't your issue.  You should read over this documentation carefully and
make sure you've specified everything you need to connect to your
particular LDAP server.  In particular, I think it's likely that you'll
need to specify the "connectionName", "connectionPassword", and
"userPassword" attributes.  This is just a guess, as there's several
ways to configure an LDAP server.

> -----Original Message-----
> From: Maurice Coyle - Sun Microsystems Ireland
[mailto:M.Coyle@Sun.COM]
> Sent: Tuesday, July 01, 2003 10:29 AM
> To: tomcat-user@jakarta.apache.org
> Subject: RE: FORM-based ldap authentication problem
> 
> i'm pretty sure the j_username is the logical attribute name for the
uid.
> the
> container manages the internals of the authentication.  is this what
you
> meant?
> 
> i wouldn't consider myself any sort of authority on the j_*
attributes, i
> just
> tried them and they worked.  i suspect that this is the root of my
> problem, so
> if nayone knows of a decent source of info about them i'd appreciate
it.
> 
> > I haven't tried to set up an LDAP authenticator in Tomcat, but
shouldn't
> > you have to specify the attribute name for the uid?  You've
specified
> > the pattern for the search DN, but I would assume you'd have to
specify
> > "uid" separately somewhere.
> >
> > > -----Original Message-----
> > > From: Maurice Coyle - Sun Microsystems Ireland
> > [mailto:M.Coyle@Sun.COM]
> > >
> > > by all means.  there's 4 basic steps to this:
> > >
> > > 1. in server.xml paste the following (replace <YOUR-SERVER> with
the
> > url
> > > of the
> > > ldap server and you'll probably have to change the userBase bit
too)
> > to
> > > tell
> > > tomcat where to go to authenticate:
> > >
> > > 	<Realm className="org.apache.catalina.realm.JNDIRealm"
> > debug="99"
> > >              connectionURL="ldap://<YOUR-SERVER>:389"
> > >              userBase="ou=people,dc=sun,dc=com"
> > >              userSearch="uid={0}"/>
> > >
> > > 2. in web.xml, right at the end paste the following (add
<url-pattern>
> > > tags for
> > > whicever other types of files you want protected):
> > >
> > >     <security-constraint>
> > >        <web-resource-collection>
> > >         <web-resource-name>tracker</web-resource-name>
> > >         <url-pattern>*.jsp</url-pattern>
> > >         <http-method>GET</http-method>
> > >         <http-method>POST</http-method>
> > >        </web-resource-collection>
> > >        <auth-constraint>
> > >          <!-- <role-name>std</role-name> -->
> > >          <role-name>*</role-name>
> > >        </auth-constraint>
> > >     </security-constraint>
> > >
> > >     <login-config>
> > >           <auth-method>FORM</auth-method>
> > >           <realm-name>ldapRealm</realm-name>
> > >           <form-login-config>
> > >                   <form-login-page>/login.jsp</form-login-page>
> > >
<form-error-page>/login_error.jsp</form-error-page>
> > >           </form-login-config>
> > >     </login-config>
> > >
> > > 3. create login.jsp and login_error.jsp and put them in the
web-app's
> > > document
> > > root
> > >
> > > login.jsp must include the form with the j_* fields as in the
skeleton
> > > form
> > > below:
> > >
> > > <form action="j_security_check" method="POST">
> > >    	LDAP Authentication<BR>
> > >
> > >    	<strong>Enter UserId</strong><br>
> > > 	<input type="text" name="j_username" size="22">
> > >
> > > 	<strong>Enter Password</strong><br>
> > > 	<input type="password" name="j_password" size="22">
> > >
> > > 	<input type="submit" name="Submit" value="Submit">
> > > </form>
> > >
> > > login_error.jsp can be as simple as:
> > >
> > > <html>
> > > <body>
> > > The system was not able to log you in.<br>
> > > <form>
> > >     <input type="button" onclick="history.go(-1)" value="Retry"/>
> > > </form>
> > > </body>
> > > </html>
> > >
> > > 4. when you've successfully logged in, to get the name of the user
> > who's
> > > logged
> > > in, use String user = request.getRemoteUser();
> > >
> > >
> > > hope this helps,
> > > maurice
> > >
> > >
> > > > Mailing-List: contact tomcat-user-help@jakarta.apache.org; run
by
> > ezmlm
> > > > List-Unsubscribe:
> > <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> > > > List-Subscribe:
<mailto:tomcat-user-subscribe@jakarta.apache.org>
> > > > List-Help: <mailto:tomcat-user-help@jakarta.apache.org>
> > > > List-Post: <mailto:tomcat-user@jakarta.apache.org>
> > > > List-Id: "Tomcat Users List" <tomcat-user.jakarta.apache.org>
> > > > Delivered-To: mailing list tomcat-user@jakarta.apache.org
> > > > X-MimeOLE: Produced By Microsoft Exchange V6.0.6375.0
> > > > content-class: urn:content-classes:message
> > > > Subject: RE: FORM-based ldap authentication problem
> > > > Date: Tue, 1 Jul 2003 12:52:46 -0400
> > > > X-MS-Has-Attach:
> > > > X-MS-TNEF-Correlator:
> > > > Thread-Topic: FORM-based ldap authentication problem
> > > > Thread-Index: AcM/8O7x+q8RZHTaQ5mM0xzRg5mCtAAACyJA
> > > > From: "Pitre, Russell" <RPITRE@shawmut.com>
> > > > To: "Tomcat Users List" <tomcat-user@jakarta.apache.org>,
"Maurice
> > Coyle
> > > - Sun
> > > Microsystems Ireland" <M.Coyle@sun.com>
> > > > X-OriginalArrivalTime: 01 Jul 2003 16:52:46.0869 (UTC)
> > > FILETIME=[32D05C50:01C33FF1]
> > > > X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N
> > > > Content-Transfer-Encoding: 8bit
> > > > X-MIME-Autoconverted: from quoted-printable to 8bit by
> > > dub-mail1.Ireland.Sun.COM id h61GrEh10906
> > > >
> > > > I've been trying to get form-based ldap authentication
> > working....but no
> > > > luck.....do you think
> > > > i could see some sample code?
> > > >
> > > >
> > > >
> > > > Russ
> > > >
> > > > -----Original Message-----
> > > > From: Maurice Coyle - Sun Microsystems Ireland
> > [mailto:M.Coyle@Sun.COM]
> > > > Sent: Tuesday, July 01, 2003 12:50 PM
> > > > To: tomcat-user@jakarta.apache.org
> > > > Subject: FORM-based ldap authentication problem
> > > >
> > > >
> > > > hi all,
> > > > i've implemented form-based ldap authentication on my tomcat
server.
> > it
> > > > works
> > > > fine in general but from time to time when i enter my ldap
username
> > and
> > > > password, i get a blank page with j_security_check in the
location
> > > > field.  if i
> > > > reload the page, i get the login_error.jsp page and upon
reloading
> > the
> > > > page one
> > > > further time, i am logged in successfully.
> > > >
> > > > this is the exact sequence whenever there is a problem with the
> > > > authentication,
> > > > i can reload the page 3 times and i get accepted.
> > > >
> > > > does anyone have a clue what's the cause and if there's a
solution?
> > > >
> > > > appreciate any help,
> > > > maurice
> > > >
> > > >
> > > >
> >
---------------------------------------------------------------------
> > > > To unsubscribe, e-mail:
tomcat-user-unsubscribe@jakarta.apache.org
> > > > For additional commands, e-mail:
tomcat-user-help@jakarta.apache.org
> > > >
> > > >
> > > >
> >
---------------------------------------------------------------------
> > > > To unsubscribe, e-mail:
tomcat-user-unsubscribe@jakarta.apache.org
> > > > For additional commands, e-mail:
tomcat-user-help@jakarta.apache.org
> > > >
> > > >
> > >
> > >
> > >
---------------------------------------------------------------------
> > > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > > For additional commands, e-mail:
tomcat-user-help@jakarta.apache.org
> >
> >
> >
---------------------------------------------------------------------
> > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> >
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message