https://issues.apache.org/bugzilla/show_bug.cgi?id=42579
Dr. Albrecht Weinert <[EMAIL PROTECTED]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[EMAIL PROTECTED] --- Comment #2 from Dr. Albrecht Weinert <[EMAIL PROTECTED]> 2008-02-27 22:48:41 --- By the way of JNDI/Tomcat + Active Directory: As JNDIRealm is/was never quite happy with Active Directory for a variety of reasons. After a bunch of frustrations (of which the lying isUserInGruop() was one of the worst), I decided to write a new Realm class, which I may contribute. http://www.a-weinert.de/java/docs/aWeinertBib/de/a_weinert/realm/ADweRealm.html ADweRealm seaches only one way (performance!) from (authenticated) users to their groups. It follows the quite important group-in-group relations, and so on. Experiences in a Windows Server 2003 domain (3000+ user accounts, hundreds of groups etc.) are quite encouraging. None of the Tomcat + Active Directory problems, of which Google is full of, arised any more. Sorry, this comment is not quite related to below bug, bat anybody facing AD problems might as well give ADweRealm a try. For 6.0.x, just put http://www.a-weinert.de/java/catErgWe.jar into lib, and configure accordingly: <!-- ADweRealm added 17.02.2008, a Realm for Active Directory Special development logging can be switched on by devLog="C:\Programme\Apache\Tomcat\logs\awRe.log" or devLog=" " which gives above as default. Omit for no extra logging by de.a_weinert.realm.ADweRealm.DevLog Default attributes (can be omitted if value fits) are: userRoleName="memberOf" userSubtree="true" userSearch="(sAMAccountName={0})" shortRoles="true" followRoles="true" --> <Realm name="ADsso" className="de.a_weinert.realm.ADweRealm" debug="999" devLog="C:\Programme\Apache\Tomcat\logs\awRe.log" allRolesMode="authOnly" connectionURL="ldap://193.175.115.2:389" alternateURL="ldap://193.175.115.4:389" connectionName="CN=ldap Leser,CN=Users,DC=FB3-MEVA,DC=fh-bochum,DC=de" connectionPassword="mauseSpatz" userBase="DC=FB3-MEVA,DC=fh-bochum,DC=de" defaultRole="fb3-meva_user" shortRoles="short" /> (what JNDIRealm can'tlinks -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]