tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: Tomcat LDAP Authentication
Date Wed, 14 May 2008 16:52:00 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

John,

John Russell wrote:
| [Resubmitted. I did not see this appear in the digest, if you have
|  seen this before and replied, please accept my apologies]

It came through before. You might have missed the cutoff for the digest
- -- or maybe just missed it.

| Is there a command line method to test an LDAP configuration?

One probable came with your LDAP server, but I suspect that's not really
what you're asking.

| I could not find any log messages after basic authentication was denied.
| Perhaps the authentication log is not in $CATALINA_HOME/logs?

Everything in Tomcat uses commons-logging, which can be configured to do
lots of things. Not sure of the JNDIRealm emits very much log
information. You might want to increase the log level for that class to
DEBUG or even TRACE and run through your login again.

Instructions for configuring logging are available in the documentation
at tomcat.apache.org.

|     <Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"
|        connectionURL="ldap://192.168.16.179"
|          userPattern="uid={0},ou=users,dc=mail,dc=owd,dc=net"
|             roleBase="ou=groups,dc=mail,dc=owd,dc=net"
|             roleName="cn"
|             roleSearch="(memberUid={0})"/>
|
|       <Valve className="org.apache.catalina.authenticator.SingleSignOn" />

There is no command-line test for a realm setup that I know of.

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkgrGJkACgkQ9CaO5/Lv0PBn0gCglQOlsE9C/el4XLbiRiDkMUx7
MV4AnRty5UG3m868f9weNLDJ0ILpS35l
=FPK2
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message