From: Sandeep N
To: Tomcat Users List
Date: Mon, 8 Nov 2004 10:14:32 +0530
Subject: Re: User Authentication Problem LDAP

Hi All,

I got my problem solved. The culprit was that I hadn't included the
attribute "digest" with value "SHA" (SHA because my LDAP directory is
storing the password in this format) in the <Realm> directive in
server.xml. Also, I had to change cn to * in web.xml. Now things seem
to work without any hassles.

Regards,
Sandeep

On Tue, 02 Nov 2004 12:19:13 +0100, Olivier Jolly wrote:
> I'm not a specialist in this but it smells like you're saying that the
> role names are listed in the attribute 'cn' and that to access your site
> the connected user should have the role 'cn' hence if you do not have a
> user with its cn=cn (attribute cn = value "cn"), it won't work. Maybe
> you could either enter real roles to your users in another attribute
> than cn and adapt your web.xml accordingly or suppress the
> auth-constraint on the role-name
>
> Hope it helps
>
> Olivier
>
> Sandeep N wrote:
>
> >Hi,
> >
> >I have a problem trying to authenticate users, whose details are
> >stored in the LDAP directory through Apache Tomcat.
> >The details of the software I am using are as follows:
> >
> >LDAP: OpenLDAP V 2.2.17
> >Web-Server: Apache-Tomcat V 4.1.30
> >OS: Suse - Linux
> >
> >The LDAP directory structure is somewhat like this -
> >dc=my-domain,dc=com
> >cn= Manager
> >   cn=person1
> >   cn=person2 and so on
> >
> >In the server.xml file (under APACHE-TOMCAT-DIR/conf/) I have included
> >the following piece of code -
> >
> ><Realm className="org.apache.catalina.realm.JNDIRealm"
> >connectionName="cn=Manager,dc=my-domain,dc=com"
> >connectionPassword="secret" connectionURL="ldap://localhost:389"
> >roleName="cn" roleSearch="(uniqueMember={0})"
> >userPassword="userPassword"
> >userPattern="cn={0},cn=Manager,dn=my-domain,dn=com" />
> >
> >The folder I have to authenticate is "param_test" and this resides
> >under "APACHE-TOMCAT-DIR/webapps".
> >
> >The web.xml file under the "param_test" folder contains the following
> >piece of code -
> >..................................
> ><security-constraint>
> >  <web-resource-collection>
> >    <web-resource-name>test</web-resource-name>
> >    <url-pattern>/*</url-pattern>
> >  </web-resource-collection>
> >  <auth-constraint>
> >    <role-name>cn</role-name>
> >  </auth-constraint>
> ></security-constraint>
> >
> ><login-config>
> >  <auth-method>BASIC</auth-method>
> >  <realm-name>test</realm-name>
> ></login-config>
> >
> >..................................
> >
> >I have even copied the jndi.jar, ldap.jar files to
> >APACHE-TOMCAT-DIR/server/lib directory
> >
> >When I try to access the link, http://localhost:8089/param_test, it
> >prompts me for the username and password. When I type in these
> >parameters as per the entries in the LDAP directory, the pop-up
> >reappears and this goes on continuously. If I cancel this pop-up, HTTP
> >error 401 is returned. Any guesses where I have gone wrong?
> >
> >Thanks in advance.
> >
> >Regards,
> >Sandeep
> >
> >---------------------------------------------------------------------
> >To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> >For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
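
Why the "digest" attribute matters, as an added example that is not part of the original thread and is not Tomcat's own code: a `{SHA}` userPassword value is the scheme tag followed by the base64 of the SHA-1 digest, so a check that compares the typed password with the stored value as-is can never match. The function names and the sample password are constructed for illustration.

```python
import base64
import hashlib
import hmac


def ldap_sha(password: str) -> str:
    """Build a {SHA} userPassword value: scheme tag + base64 of the raw SHA-1 digest."""
    raw = hashlib.sha1(password.encode("utf-8")).digest()
    return "{SHA}" + base64.b64encode(raw).decode("ascii")


def check_plain(supplied: str, stored: str) -> bool:
    """Model of a check with no digest configured: typed password vs. stored value as-is."""
    return hmac.compare_digest(supplied.encode("utf-8"), stored.encode("utf-8"))


def check_sha(supplied: str, stored: str) -> bool:
    """Model of a check with digest "SHA": hash the typed password, then compare."""
    if not stored.startswith("{SHA}"):
        return False  # other storage schemes are out of scope for this sketch
    return hmac.compare_digest(ldap_sha(supplied).encode("ascii"),
                               stored.encode("utf-8"))


def demo() -> dict:
    stored = ldap_sha("secret")  # constructed sample entry, not taken from the thread
    return {
        "stored": stored,
        "plain_ok": check_plain("secret", stored),      # login loop / 401 case
        "sha_ok": check_sha("secret", stored),          # matches once hashed
        "sha_wrong_pw": check_sha("Secret", stored),    # wrong password still fails
        "same_hash_for_same_pw": ldap_sha("secret") == stored,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Because `{SHA}` is unsalted, two users with the same password get the same stored value, which the last field returned by `demo()` shows.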