tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From long hong <longhong1...@gmail.com>
Subject Re: authentication fail (JNDI Realm with Tomcat )
Date Tue, 30 Nov 2010 07:26:27 GMT
Yes you are right. And I find I misused the <user-data-constraint> element which prevented
me from accessing the login page. I have changed it and can now access the login page. 

I mimic the realm in tomcat wiki and wrote the bellow:
<Realm 
	authentication="simple" 
	className="org.apache.catalina.realm.JNDIRealm" 
	connectionName="cn=tomcat,o=University,c=World" 
	connectionPassword="cscw" 
	connectionURL="ldap://172.16.55.167:3268" 
	debug="99" 
	referrals="follow" 
	roleBase="cn=Roles,o=University,c=World" 
	roleName="cn" 
	roleSearch="(member={0})" 
	roleSubtree="true" 
	userBase="o=University,c=World" 
	userSearch="(sAMAccountName={0})"
	 userSubtree="true"/>

But the login still fails without printing any error.. I wrote a piece of code JNDIClient
to access the same "admin" account and got the right InitialDirContext. Don't know why...

And a curious part is that my AD entry has no "sAMAccountName" property. I changed this to
"CN={0}" and "userPrincipalName={0}" and also failed to pass the authentication. 

On Nov 30, 2010, at 12:29 PM, Caldarale, Charles R wrote:

>> From: long hong [mailto:longhong1985@gmail.com] 
>> Subject: Re: authentication fail (JNDI Realm with Tomcat )
> 
>> the web root context of my web app is "/fs".
> 
> As I suspected.  Again, remove the /fs from the <url-pattern>; the webapp name
is never part of any <url-pattern> in web.xml.
> 
> - Chuck
> 
> 
> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and
is thus for use only by the intended recipient. If you received this in error, please contact
the sender and delete the e-mail and its attachments from all computers.
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message