tomcat-users mailing list archives

From Hayo Schmidt <str...@hayo.de>
Subject Re: JNDIRealm: Authentication Failing
Date Mon, 28 Jul 2003 14:43:46 GMT
Is 'mail' the naming value?
This means, if you export to an ldif file you should find a line
dn: mail=adam@tritus.ca,ou=People,dc=tritus,dc=ca

Hayo Schmidt

Adam Sherman wrote:

> I am trying to get JNDIRealm to authenticate against my LDAP tree:
>     <Realm className="org.apache.catalina.realm.JNDIRealm"
>            debug="200"
>            connectionURL="ldap://localhost:389"
>            userBase="ou=People,dc=tritus,dc=ca"
>            userSearch="(mail={0})"
>            roleBase="ou=Groups,dc=tritus,dc=ca"
>            roleName="cn"
>            roleSearch="(member={0})"
>     />
> Using a user I can authenticate with the OpenLDAP CLI tools:
> 2003-07-27 13:44:06 JNDIRealm[Standalone]:   Searching for adam@tritus.ca
> 2003-07-27 13:44:06 JNDIRealm[Standalone]:   base: ou=People,dc=tritus,dc=ca filter: (mail=adam@tritus.ca)
> 2003-07-27 13:44:06 JNDIRealm[Standalone]:   entry found for adam@tritus.ca with dn uid=adam,ou=People,dc=tritus,dc=ca
> 2003-07-27 13:44:06 JNDIRealm[Standalone]:   validating credentials by binding as the user
> 2003-07-27 13:44:06 JNDIRealm[Standalone]:   binding as uid=adam,ou=People,dc=tritus,dc=ca
> 2003-07-27 13:44:06 JNDIRealm[Standalone]:   bind attempt failed
> 2003-07-27 13:44:06 JNDIRealm[Standalone]: Username adam@tritus.ca NOT successfully authenticated
> The lookup functions correctly, but binding fails. Even though I know 
> the user can bind.
> Info:
> Tomcat 4.1.24, OpenLDAP 2.1.x
> Any ideas?
> A.
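
Added example, not part of the original thread: a small Python parser for the JNDIRealm debug lines quoted above that extracts the search filter attribute, the DN the search returned and the bind outcome, so the naming-attribute question can be answered from the log itself. The function and field names are assumptions of this example; the log lines are copied from the message with wrapped lines rejoined.

```python
import re

# Debug lines copied from the quoted message, with mail-wrapped lines rejoined.
SAMPLE_LOG = """\
2003-07-27 13:44:06 JNDIRealm[Standalone]:   Searching for adam@tritus.ca
2003-07-27 13:44:06 JNDIRealm[Standalone]:   base: ou=People,dc=tritus,dc=ca filter: (mail=adam@tritus.ca)
2003-07-27 13:44:06 JNDIRealm[Standalone]:   entry found for adam@tritus.ca with dn uid=adam,ou=People,dc=tritus,dc=ca
2003-07-27 13:44:06 JNDIRealm[Standalone]:   validating credentials by binding as the user
2003-07-27 13:44:06 JNDIRealm[Standalone]:   binding as uid=adam,ou=People,dc=tritus,dc=ca
2003-07-27 13:44:06 JNDIRealm[Standalone]:   bind attempt failed
2003-07-27 13:44:06 JNDIRealm[Standalone]: Username adam@tritus.ca NOT successfully authenticated
"""

# Patterns cover only the message shapes visible in that log (assumption).
PREFIX = re.compile(r"^\S+ \S+ JNDIRealm\[[^\]]*\]:\s*")
FILTER = re.compile(r"base: (.+?) filter: \(([^=()]+)=([^()]*)\)$")
FOUND = re.compile(r"entry found for \S+ with dn (.+)$")
BIND_AS = re.compile(r"binding as (\S+=.+)$")


def rdn_attribute(dn):
    """Attribute type of the leftmost RDN (naive split: no escaped commas)."""
    return dn.split(",", 1)[0].split("=", 1)[0].strip().lower()


def summarize(log_text):
    """Collect what the realm searched for, what it found and how the bind ended."""
    info = {"search_base": None, "search_attr": None, "found_dn": None,
            "bind_dn": None, "bind_failed": False, "authenticated": None}
    for raw in log_text.splitlines():
        msg = PREFIX.sub("", raw).strip()
        if m := FILTER.match(msg):
            info["search_base"], info["search_attr"] = m.group(1), m.group(2).lower()
        elif m := FOUND.match(msg):
            info["found_dn"] = m.group(1)
        elif m := BIND_AS.match(msg):  # anchored, so "... by binding as the user" is skipped
            info["bind_dn"] = m.group(1)
        elif msg == "bind attempt failed":
            info["bind_failed"] = True
        elif msg.endswith("NOT successfully authenticated"):
            info["authenticated"] = False
    if info["found_dn"]:
        # Compare the attribute used in the search with the one that names the entry.
        info["naming_attr"] = rdn_attribute(info["found_dn"])
        info["search_attr_is_naming"] = info["naming_attr"] == info["search_attr"]
    return info


if __name__ == "__main__":
    for key, value in summarize(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

On the quoted log this reports a search on `mail` and an entry named by `uid`, with the bind attempted against the `uid=adam,...` DN that the search returned.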




