tomcat-users mailing list archives

From "Eric B." <>
Subject Trouble configuring LDAP authentication
Date Thu, 06 Aug 2009 20:49:06 GMT

I'm trying to get the JNDIRealms working using my LDAP server in Tomcat
6.0.18 for the manager and admin applications and am having difficulty
getting them to work.  I tried following instructions in the Tomcat doc
site, and think I have things fairly well set up.  I have enabled full logs
on my LDAP server (slapd), and see the requests coming through.  The problem
is that neither application seems to authenticate properly.  My guess is
that I made a mistake somewhere in my LDAP tree.

I searched around and found additional documentation in Pro Apache Tomcat 6
by Matthew Moodie (Apress publishing) that seems to indicate things step by
step as well.  In the book, he refers to JNDIRealm logs:

For a further insight into the communication between Tomcat and the
directory server, examine the log for the service component.

JNDIRealm[Catalina]: Connecting to URL ldap://localhost:389
JNDIRealm[Catalina]: lookupUser(admin)
JNDIRealm[Catalina]: dn=uid=admin,ou=people,dc=mycompany,dc=com
JNDIRealm[Catalina]: retrieving attribute userPassword
JNDIRealm[Catalina]: validating credentials
JNDIRealm[Catalina]: Username admin successfully authenticated
JNDIRealm[Catalina]: getRoles(uid=admin,ou=people,dc=mycompany,dc=com)
JNDIRealm[Catalina]: Searching role base 'ou=groups,dc=mycompany,dc=com' for attribute 'cn'
JNDIRealm[Catalina]: With filter expression 
JNDIRealm[Catalina]: retrieving values for attribute cn
JNDIRealm[Catalina]: Returning 1 roles
JNDIRealm[Catalina]: Found role admin

However, try as I might, I can't seem to figure out how to enable the 
logging for the JNDIRealm.

I have placed the <Realm> object definition under my <Engine>, but no matter 
what I seem to do, I can't get any logging to display.  I have even added the 
following to to no avail.
org.apache.catalina.core.ContainerBase.[Catalina].level = ALL
org.apache.catalina.core.ContainerBase.[Catalina].handlers =

org.apache.catalina.realm.RealmBase.level = ALL
org.apache.catalina.realm.RealmBase =

Can anyone help point me in the right direction as to how to get this 
logging to be displayed so that I might be able to resolve my problem?


