https://issues.apache.org/bugzilla/show_bug.cgi?id=42579


Dr. Albrecht Weinert <[EMAIL PROTECTED]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |[EMAIL PROTECTED]




--- Comment #2 from Dr. Albrecht Weinert <[EMAIL PROTECTED]>  2008-02-27 22:48:41 ---
By the way of JNDI/Tomcat + Active Directory:

JNDIRealm is/was never quite happy with Active
Directory for a variety of reasons. After a bunch
of frustrations (of which the lying isUserInGroup()
was one of the worst), I decided to write a new
Realm class, which I may contribute.

http://www.a-weinert.de/java/docs/aWeinertBib/de/a_weinert/realm/ADweRealm.html

ADweRealm searches only one way (performance!) from
(authenticated) users to their groups. It follows 
the quite important group-in-group relations, and so on.

Experiences in a Windows Server 2003 domain (3000+ user
accounts, hundreds of groups etc.) are quite encouraging.
None of the Tomcat + Active Directory problems, of which
Google is full, arose any more.

Sorry, this comment is not quite related to the bug
below, but anybody facing AD problems might as well give
ADweRealm a try. For 6.0.x, just put
http://www.a-weinert.de/java/catErgWe.jar
into lib, and configure accordingly:

   <!--  ADweRealm added 17.02.2008, a Realm for Active Directory      
      Special development logging can be switched on by 
       devLog="C:\Programme\Apache\Tomcat\logs\awRe.log"
      or
       devLog=" "
      which gives above as default.           
      Omit for no extra logging by de.a_weinert.realm.ADweRealm.DevLog

      Default attributes (can be omitted if value fits) are:
          userRoleName="memberOf" 
          userSubtree="true"
          userSearch="(sAMAccountName={0})"
          shortRoles="true"
          followRoles="true"
       -->
   <Realm name="ADsso" className="de.a_weinert.realm.ADweRealm" debug="999"
      devLog="C:\Programme\Apache\Tomcat\logs\awRe.log"
      allRolesMode="authOnly"

      connectionURL="ldap://193.175.115.2:389"
      alternateURL="ldap://193.175.115.4:389"
      connectionName="CN=ldap Leser,CN=Users,DC=FB3-MEVA,DC=fh-bochum,DC=de"
      connectionPassword="mauseSpatz"

      userBase="DC=FB3-MEVA,DC=fh-bochum,DC=de"
      defaultRole="fb3-meva_user"
      shortRoles="short"
    />  




 (what
JNDIRealm can'tlinks 
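
The one-way user-to-groups search with group-in-group following described in the comment above, as an added example that is not part of the original comment and not ADweRealm's code. The directory contents, class name and method names are constructed; it assumes that followRoles means following each group's own memberOf values and that shortRoles means using the CN of the group DN as the role name.

```java
import java.util.*;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;

/** Added illustration: role resolution from a user upward via memberOf. */
public class NestedRoleDemo {
    // Constructed sample directory: entry DN -> values of its memberOf attribute.
    static final Map<String, List<String>> MEMBER_OF = Map.of(
        "CN=alice,CN=Users,DC=example,DC=test",
            List.of("CN=webapp-users,OU=Groups,DC=example,DC=test"),
        "CN=webapp-users,OU=Groups,DC=example,DC=test",
            List.of("CN=Ops\\, EU,OU=Groups,DC=example,DC=test"),
        // Circular nesting is possible in a directory and must not cause a loop.
        "CN=Ops\\, EU,OU=Groups,DC=example,DC=test",
            List.of("CN=webapp-users,OU=Groups,DC=example,DC=test"));

    /** Breadth-first walk from the user DN; 'seen' stops cycles and repeats. */
    static Set<String> resolveGroups(String userDn, boolean followRoles) {
        Set<String> seen = new LinkedHashSet<>();
        Deque<String> queue =
            new ArrayDeque<>(MEMBER_OF.getOrDefault(userDn, List.of()));
        while (!queue.isEmpty()) {
            String groupDn = queue.poll();
            // Record the group; expand its parents only once and only if asked to.
            if (!seen.add(groupDn) || !followRoles) continue;
            queue.addAll(MEMBER_OF.getOrDefault(groupDn, List.of()));
        }
        return seen;
    }

    /** Assumed meaning of shortRoles: value of the leftmost RDN of the group DN.
        LdapName parses the DN, so an escaped comma in a CN is not split. */
    static String shortRole(String groupDn) throws InvalidNameException {
        LdapName name = new LdapName(groupDn);
        return String.valueOf(name.getRdn(name.size() - 1).getValue());
    }

    public static void main(String[] args) throws InvalidNameException {
        String user = "CN=alice,CN=Users,DC=example,DC=test";
        for (String dn : resolveGroups(user, true)) {
            System.out.println(shortRole(dn) + "  <-  " + dn);
        }
    }
}
```

Against a real directory each map lookup becomes one read of the entry's memberOf attribute, so the number of LDAP queries is bounded by the number of distinct groups reachable from the user.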

