tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "tschwitt@bluewin.ch" <tschw...@bluewin.ch>
Subject AW: Re: JNDIRealm exception
Date Tue, 31 Oct 2006 16:15:37 GMT

This is the code (JNDIRealm)

// Get the entry's distinguished name
        NameParser parser = context.getNameParser("");
        Name contextName = parser.parse(context.
getNameInNamespace());
        Name baseName = parser.parse(userBase);

// Bugzilla 32269
        Name entryName = parser.parse(new CompositeName(result.
getName()).get(0));

        Name name = contextName.addAll(baseName);
        name = name.addAll(entryName);
        String dn = name.toString();


The line 1079 where the exception occurs is right after the 
//Bugzilla statement. In Attachment you find the whole JNDIRealm.
java



----Urspr√ľngliche Nachricht----
Von: mgainty@hotmail.com
Datum: 31.10.2006 15:14
An: "Tomcat Users List"<users@tomcat.apache.org>, <tschwitt@bluewin.
ch>
Betreff: Re: JNDIRealm exception

Hello


can we please see the statements leading up to NameParser.parse() 
method call
are you able to ldapsearch using DC and OU parameters without CN?

M-
This e-mail communication and any attachments may contain 
confidential and privileged information for the use of the 
designated recipients named above. If you are not the intended 
recipient, you are hereby notified that you have received
this communication in error and that any review, disclosure, 
dissemination, distribution or copying of it or its 
contents
----- Original Message ----- 
From: <tschwitt@bluewin.ch>
To: <users@tomcat.apache.org>
Sent: Tuesday, October 31, 2006 7:00 AM
Subject: JNDIRealm exception


> Problem with JNDIRealm 
> 
> 
> 
> I successfully authenticate my users against active Directory 
> (single domain). But now I have a setup with trusted domains and 
the 
> authentication fails with the following exception.
> 
> Everything is working fine if my user is in the domain ar-net.
ch. 
> 
> Now I want to authenticate a user in the Domain teufen.ar-net.
ch. 
> As I see with Ethereal, referrals are followed and the user is 
found. 
> But the user is not authenticated and the log shows the 
following 
> exception.
> 
> Tomcat server is 5.5.15 and java is 1.5.0_06
> 
> 
> 
> Thank you for any clue
> 
> 
> 
> 
> 
> Exception performing authentication
> 
> javax.naming.InvalidNameException: Invalid name: ldap:
> 
>            at javax.naming.ldap.Rfc2253Parser.doParse(Unknown 
> Source)
> 
>            at javax.naming.ldap.Rfc2253Parser.parseDn(Unknown 
> Source)
> 
>            at javax.naming.ldap.LdapName.parse(Unknown Source)
> 
>            at javax.naming.ldap.LdapName.<init>(Unknown Source)
> 
>            at com.sun.jndi.ldap.LdapNameParser.parse(Unknown 
> Source)
> 
>            at org.apache.catalina.realm.JNDIRealm.
getUserBySearch
> (JNDIRealm.java:1079)
> 
>            at org.apache.catalina.realm.JNDIRealm.getUser
> (JNDIRealm.java:958)
> 
>            at org.apache.catalina.realm.JNDIRealm.authenticate
> (JNDIRealm.java:907)
> 
>            at org.apache.catalina.realm.JNDIRealm.authenticate
> (JNDIRealm.java:808)
> 
>            at org.apache.catalina.authenticator.
FormAuthenticator.
> authenticate(FormAuthenticator.java:257)
> 
>            at org.apache.catalina.authenticator.
AuthenticatorBase.
> invoke(AuthenticatorBase.java:416)
> 
>            at org.apache.catalina.core.StandardHostValve.invoke
> (StandardHostValve.java:126)
> 
>            at org.apache.catalina.valves.ErrorReportValve.invoke
> (ErrorReportValve.java:105)
> 
>            at org.apache.catalina.core.StandardEngineValve.
invoke
> (StandardEngineValve.java:107)
> 
>            at org.apache.catalina.connector.CoyoteAdapter.
service
> (CoyoteAdapter.java:148)
> 
>            at org.apache.coyote.http11.Http11Processor.process
> (Http11Processor.java:869)
> 
>            at org.apache.coyote.http11.
> Http11BaseProtocol$Http11ConnectionHandler.processConnection
> (Http11BaseProtocol.java:667)
> 
>            at org.apache.tomcat.util.net.PoolTcpEndpoint.
> processSocket(PoolTcpEndpoint.java:527)
> 
>            at org.apache.tomcat.util.net.
> LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:
80)
> 
>            at org.apache.tomcat.util.threads.
> ThreadPool$ControlRunnable.run(ThreadPool.java:684)
> 
>            at java.lang.Thread.run(Unknown Source)
> 
> 31.10.2006 08:57:59 org.apache.catalina.realm.JNDIRealm close
> 
> 
> 
> Here is the config?
> 
> 
> 
> <Realm  name="myrealm" 
> 
> className="org.apache.catalina.realm.JNDIRealm" debug="99"
> 
> connectionName="CN=dasquery,OU=Herisau-AR-NET,DC=ar-net,DC=ch"
> 
> connectionPassword="not public"
> 
> connectionURL="ldap://s1.ar-net.ch:389"         
> 
> userBase="DC=ar-net,DC=ch"
> 
> userSubtree="true" 
> 
> userSearch="userPrincipalName=
> {0}"                                                
> 
> roleName="cn"
> 
> roleSearch="(member={0})"
> 
> roleBase="OU=DASGROUPS,OU=Herisau-AR-NET,DC=ar-net,DC=ch"
> 
> referrals="follow"
> 
> />
> 
> 
> 
> 
---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 
>



---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message