tomcat-users mailing list archives

From Shai Levit <>
Subject Re: Connection to ApacheDS LDAP
Date Mon, 04 Nov 2013 19:10:01 GMT
Thank you guys. So here is the thought behind this.
In the Original LDAP Search parameter, I am searching for 2 Attributes: mail and userCertificate.
mail is just a plain string - email, and userCertificate is an X.509 DER (.cer) certificate
in binary format.

Hence I thought that I would need to have both in the connectivity. I will try doing a general
Search and then specify in the @GET or @POST method the more specifics.

I did get the connection issue resolved, but not in the manner I thought would be best:

i.e.: I just passed the connection parameters in the @GET method like so:

LdapConnection connection = new LdapNetworkConnection(ipAddress, port);

This works.

Thanks again for the help.



On Nov 4, 2013, at 11:08 AM, Propes, Barry L <> wrote:

> -----Original Message-----
> From: Daniel Mikusa [] 
> Sent: Monday, November 04, 2013 9:57 AM
> To: Tomcat Users List
> Subject: Re: Connection to ApacheDS LDAP
> On Nov 4, 2013, at 10:49 AM, Shai Levit <> wrote:
>> My apologies in advance for some of the syntax and verbiage - I am a newbie in all
>> of this, but did do my reading / research / and chat on IRC's.
>> The current setup I have is this:
>> Apache DS LDAP version 2.0.0-M14 running on Linux with Port 8660. The
>> server instance works fine and I am able to do a search via Apache API in Java (Eclipse).
>> I bind to this server anonymously via connection.bind()
>> Tomcat version 7.0.47 running on Mac OS X (Mavericks) with Port 8080. The Tomcat instance
>> works fine using the installed default values. I am able to run simple REST API and
>> consume them via any browser.
>> Issue: I am trying to create a connection to the LDAP server via anonymous binding.
>> I configured the appropriate conf file: server.xml with the REALM as follows:
>>  <Realm className="org.apache.catalina.realm.JNDIRealm"
>> 			connectionURL="ldap://" debug="99"
>> 			userBase="dc=sumsmail,dc=com"
>> 			userSearch="(mail{0})"
>> 			userSearch="(userCertificate{0})"
> Why do you have "userSearch" specified twice?  That's what's causing the exception below.
>> 			userSubtree="true"
>> 			roleBase="dc=sumsmail,dc=com"
>> 			roleName="cn"
>> 			roleSearch="(mail={0})"
>> 			roleSearch="(userCertificate={0})"
> This will likely cause a similar exception, you can only specify these attributes once.
> Dan
>> 			roleSubtree="true"
>> 			/>
>>     </Realm>
>>     <Host name="localhost"  appBase="webapps"
>>           unpackWARs="true" autoDeploy="true">
> Not that I'm particularly knowledgeable about configuring LDAP, because I'm not, but looking
> at the error I wondered what Dan did - why did you have the userSearch attribute listed twice?
> You also have the roleSearch attribute listed twice, though it might not show that error since
> it spits up at the first one.
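Added example, not part of the original thread: a direct lookup with the Apache Directory LDAP API in which a single filter selects the entry and both mail and userCertificate are requested as returned attributes, with the certificate parsed from its DER bytes. The host name ldap.example.com, the class name, the escapeFilterValue helper and the sample address are assumptions; the port and base DN are the ones quoted above.

```java
// Added example, not code from the thread. Assumes Apache Directory LDAP API 1.0/2.0
// package names; ldap.example.com is a placeholder host.
import java.io.ByteArrayInputStream;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import org.apache.directory.api.ldap.model.cursor.EntryCursor;
import org.apache.directory.api.ldap.model.entry.Attribute;
import org.apache.directory.api.ldap.model.entry.Entry;
import org.apache.directory.api.ldap.model.message.SearchScope;
import org.apache.directory.ldap.client.api.LdapConnection;
import org.apache.directory.ldap.client.api.LdapNetworkConnection;
public class MailCertLookup {
    // RFC 4515 escaping, so a caller-supplied address cannot change the filter's structure.
    static String escapeFilterValue(String value) {
        StringBuilder sb = new StringBuilder();
        for (char c : value.toCharArray()) {
            switch (c) {
                case '\\': sb.append("\\5c"); break;
                case '*':  sb.append("\\2a"); break;
                case '(':  sb.append("\\28"); break;
                case ')':  sb.append("\\29"); break;
                case '\0': sb.append("\\00"); break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }
    public static void main(String[] args) throws Exception {
        String mail = args.length > 0 ? args[0] : "user@example.com"; // constructed sample value
        String filter = "(mail=" + escapeFilterValue(mail) + ")";     // one filter: which entry
        CertificateFactory x509 = CertificateFactory.getInstance("X.509");
        try (LdapConnection connection = new LdapNetworkConnection("ldap.example.com", 8660)) {
            connection.bind(); // anonymous bind, as in the thread
            // The trailing arguments are the attributes to return, not extra search criteria.
            try (EntryCursor cursor = connection.search("dc=sumsmail,dc=com", filter,
                    SearchScope.SUBTREE, "mail", "userCertificate")) {
                for (Entry entry : cursor) {
                    Attribute cert = entry.get("userCertificate;binary"); // some servers add ;binary
                    if (cert == null) cert = entry.get("userCertificate");
                    if (cert == null) { System.out.println(entry.getDn() + ": no certificate"); continue; }
                    X509Certificate parsed = (X509Certificate) x509.generateCertificate(
                            new ByteArrayInputStream(cert.getBytes())); // DER bytes, never getString()
                    System.out.println(entry.get("mail").getString() + " -> "
                            + parsed.getSubjectX500Principal().getName());
                }
            }
        }
    }
}
```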