tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Davi Leal <>
Subject JNDIRealm source code - (was: Re: Tomcat vs Bea WebLogic)
Date Sat, 11 Oct 2003 10:34:07 GMT

I am using tomcat 4.1.27, Java sdk-1.4.1_02 and JNDIRealm to use the Micro$oft 
Site Server service to authenticate our webapps.

I get an "error code 2" exception (Protocol Error) only when the user and the 
password is right. That is to say, when an OK is expected. I am thinking 
about modify the JNDIRealm to support that Micro$oft returned 'code', instead 
of raising an exception. It looks easy :) . You can see below the appointed 
catalina log.

Can you supply me any URL, CVS repository, or whatever which points me to the 
JNDI source code?.

I have read the JNDI API I must use is the one included in Java sdk 1.4.2.

Last question: Can we solve the 'M$ protocol' issue just using Tomcat 5.0?.

Davi Leal

Tim Funk wrote:
> I have gotten JNDIRealm to work against iPlanet. I have heard others get it
> working against:
> - Active Directory (I personally had problems due to some IT policies)
> - Novell
> - OpenLDAP
> But in the worst case - the code is open for change so creating a custom
> Realm should be simple if one understands JNDI programming. Which is what I
> had to do with respect to ActiveDirectory and wacky business rules vs
> domain setup.
> -Tim
> David Diaz wrote:
> > Reference:
> >
> >  The WebLogic LDAP realm has been tested against the following LDAP
> > servers:
> >     * OpenLDAP
> >     * iPlanet Directory Server
> >     * Microsoft Site Server
> >
> > I would like to get a similar Tomcat link to show to my boss.


The catalina log

59 JNDIRealm[Standalone]: Connecting to URL ldap://host:1003

* Testing with a no-existent user:

44 JNDIRealm[Standalone]: lookupUser(davi)
44 JNDIRealm[Standalone]:   dn=cn=davi,ou=Members,o=tpi
44 JNDIRealm[Standalone]:   validating credentials by binding as the user
44 JNDIRealm[Standalone]:   binding as cn=davi,ou=Members,o=org
44 JNDIRealm[Standalone]:   bind attempt failed
44 JNDIRealm[Standalone]: Autentificaci¾n fallida para el usuario davi

* Testing with an user which is right, but using a worng password:

36 JNDIRealm[Standalone]: lookupUser(ph32796)
36 JNDIRealm[Standalone]:   dn=cn=ph32796,ou=Members,o=org
36 JNDIRealm[Standalone]:   validating credentials by binding as the user
36 JNDIRealm[Standalone]:   binding as cn=ph32796,ou=Members,o=org
36 JNDIRealm[Standalone]:   bind attempt failed
36 JNDIRealm[Standalone]: Autentificaci¾n fallida para el usuario ph32796

* Testing with both user and password right:

09 JNDIRealm[Standalone]: lookupUser(phe2796)
09 JNDIRealm[Standalone]:   dn=cn=phe2796,ou=Members,o=org
09 JNDIRealm[Standalone]:   validating credentials by binding as the user
09 JNDIRealm[Standalone]:   binding as cn=phe2796,ou=Members,o=org
09 JNDIRealm[Standalone]: Excepci¾n al realizar la autentificaci¾n
javax.naming.CommunicationException: [LDAP: error code 2 - Protocol Error]; 
remaining name ''
   at com.sun.jndi.ldap.LdapCtx.mapErrorCode(
09 JNDIRealm[Standalone]: Closing directory context

The realm we are using in server.xml

<Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message