tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jill Han" <jill....@alverno.edu>
Subject RE: how to configue tomcat ldap 2008
Date Thu, 20 Jan 2011 13:19:31 GMT
Thanks for your reply.
1. Apache Tomcat version is 5.5.15.
2. Below is from the log file.
Jan 19, 2011 3:29:26 PM org.apache.catalina.realm.JNDIRealm authenticate
SEVERE: Exception performing authentication
javax.naming.PartialResultException [Root exception is javax.naming.CommunicationException:
DomainDnsZones.emp.alverno.edu:389 [Root exception is java.net.UnknownHostException: DomainDnsZones.emp.alverno.edu]]
	at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImpl(LdapNamingEnumeration.java:224)
	at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreReferrals(LdapNamingEnumeration.java:362)
	at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImpl(LdapNamingEnumeration.java:208)
	at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreReferrals(LdapNamingEnumeration.java:362)
	at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImpl(LdapNamingEnumeration.java:208)
	at com.sun.jndi.ldap.LdapNamingEnumeration.hasMore(LdapNamingEnumeration.java:171)
	at org.apache.catalina.realm.JNDIRealm.getUserBySearch(JNDIRealm.java:1067)
	at org.apache.catalina.realm.JNDIRealm.getUser(JNDIRealm.java:958)
	at org.apache.catalina.realm.JNDIRealm.authenticate(JNDIRealm.java:907)
	at org.apache.catalina.realm.JNDIRealm.authenticate(JNDIRealm.java:808)
	at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:257)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:416)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
	at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:199)
	at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:282)
	at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:754)
	at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:684)
	at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:876)
	at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
	at java.lang.Thread.run(Thread.java:595)
Caused by: javax.naming.CommunicationException: DomainDnsZones.emp.alverno.edu:389 [Root exception
is java.net.UnknownHostException: DomainDnsZones.emp.alverno.edu]
	at com.sun.jndi.ldap.LdapReferralContext.<init>(LdapReferralContext.java:74)
	at com.sun.jndi.ldap.LdapReferralException.getReferralContext(LdapReferralException.java:132)
	at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreReferrals(LdapNamingEnumeration.java:339)
	at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImpl(LdapNamingEnumeration.java:208)
	... 22 more
Caused by: java.net.UnknownHostException: DomainDnsZones.emp.alverno.edu
	at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:177)
	at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:366)
	at java.net.Socket.connect(Socket.java:519)
	at java.net.Socket.connect(Socket.java:469)
	at java.net.Socket.<init>(Socket.java:366)
	at java.net.Socket.<init>(Socket.java:179)
	at com.sun.jndi.ldap.Connection.createSocket(Connection.java:346)
	at com.sun.jndi.ldap.Connection.<init>(Connection.java:181)
	at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:118)
	at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1578)
	at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2596)
	at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:283)
	at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
	at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:134)
	at com.sun.jndi.url.ldap.ldapURLContextFactory.getObjectInstance(ldapURLContextFactory.java:35)
	at javax.naming.spi.NamingManager.getURLObject(NamingManager.java:584)
	at javax.naming.spi.NamingManager.processURL(NamingManager.java:364)
	at javax.naming.spi.NamingManager.processURLAddrs(NamingManager.java:344)
	at javax.naming.spi.NamingManager.getObjectInstance(NamingManager.java:316)
	at com.sun.jndi.ldap.LdapReferralContext.<init>(LdapReferralContext.java:93)
	... 25 more

However, username@emp.alverno.edu will be valid when the window server is 2003. 
3. I haven't tested the query independently of Tomcat. I don't know how. If you have the instructions,
it will be very helpful.

Thanks again,

Jill
-----Original Message-----
From: Christopher Schultz [mailto:chris@christopherschultz.net] 
Sent: Wednesday, January 19, 2011 4:45 PM
To: Tomcat Users List
Subject: Re: how to configue tomcat ldap 2008

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jill,

On 1/19/2011 4:56 PM, Jill Han wrote:
> Here is the snippet of server.xml 
> 
> <Realm className="org.apache.catalina.realm.JNDIRealm"
>               debug="99"

debug isn't a valid attribute on any supported version of Tomcat. What
version are you using?

>               connectionName="userName@some.college.edu"
>               connectionPassword="userPass"
>               connectionURL="ldap://some.college.edu:389"

So these credentials still work in the new installation?

>               referrals="follow"
>               userBase="dc=some,dc=college,dc=edu"
>               userSearch="(sAMAccountName={0})"
>               userRoleName="memberof"
>               roleBase="dc=some,dc=college,dc=edu"
>               roleName="cn"
>               roleSearch="(uniqueMember={0})"
>               userSubtree="true"
>               roleSubtree="false" 

Have you tested your query independently of Tomcat to see if it matches
anything?

> It is working on 2003 server. However when the server is upgraded to
> window 2008, it is not working anymore.
> 
> Any suggestions?

What do the log files say?

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk03aXcACgkQ9CaO5/Lv0PBOvACfbMbEFH+JxwlrEulx68NKe0OM
I1cAnAn5Yp82TQM2lXe+rXVu5xWIFqYL
=aYzD
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Mime
View raw message