JNDI realm to access AD

2003-08-28 Thread Robyne Vaughn
Hi,
I'm new to Tomcat and ADs. I'm trying to configure a JNDI realm (Tomcat
4.1.17 on IBM AS/400) to authenticate to Active Directory (Microsoft on a
server). I've found a couple of brief examples to follow, but don't
understand the nomenclature well enough to make mine work on our
installation. I saw on one webpage that I may need an LDAP driver.
However, I thought that was what the AD server accomplished (?). I followed
this example: http://www.java-internals.com/code/jndi_realm.html
  

This is my code (with altered user-id, password, and ip address): 

<Realm className="org.apache.catalina.realm.JNDIRealm"
connectionURL="ldap://19.999.9.9:389"
userBase="CN=Users,dc=Lubbock,dc=isd"
userSearch="(userPrincipalName={0})"
userRoleName="member"
roleBase="CN=Users,dc=Lubbock,dc=isd"
roleName="cn"
roleSearch="(member={0})"
connectionName="CN=TomcatUserId,DC=lubbock,DC=isd"
connectionPassword="TomcatPassword"
roleSubtree="true"
userSubtree="true"/>

This is the error I get:
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308:
LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data 525,
v893 

  

I can't figure out if we have a "Users" item.  The guys in charge of our
ADs can't tell me its properties.  It's new to them.  They showed me a
script they used to populate it.

Under the column labeled objectCategory, the entry is:
CN=Person,CN=Schema,CN=Configuration,DC=lubbock,DC=isd

Under the column labeled objectClass the entry is:  user

The other column headings are:

DN   distinguishedName   name   cn   description   displayName   mail
givenName   sAMAccountName   sn   userAccountControl   userPrincipalName
homeDirectory   homeDrive

Under the column labeled DN and under the column labeled distinguishedName
the entry is the same:

CN=John Doe, OU=CO,DC=lubbock,DC=isd 

The AD support guys told me that OU=CO means Organizational Unit =
Central office.  I want to be able to search across all OU's. 

Any help or suggestions would be greatly appreciated. 

Thanks,

 
Robyne K. Vaughn
Programmer/Analyst
Lubbock ISD
1628 19th St
Lubbock, TX 79401
806-766-1119
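
Added example, not part of the original post: a small Python parser for the Active Directory bind-failure text quoted in the message above. The `data` field is a Win32 error number in hexadecimal; 525 means the account named in the bind was not found, which is a different problem from 52e (wrong password). Every sample line except the one from the post and the "Connection refused" line from later in the thread is constructed, and the function names are this example's own.

```python
import re
from collections import Counter

# Sub-codes Active Directory reports in the "data" field of a failed bind.
# Each is a Win32 error number written in hexadecimal.
AD_BIND_SUBCODES = {
    0x525: ("no such user", "identity"),
    0x52E: ("invalid credentials", "password"),
    0x530: ("logon not permitted at this time", "account-state"),
    0x531: ("logon not permitted from this workstation", "account-state"),
    0x532: ("password expired", "account-state"),
    0x533: ("account disabled", "account-state"),
    0x701: ("account expired", "account-state"),
    0x773: ("user must reset password", "account-state"),
    0x775: ("account locked out", "account-state"),
}

_BIND_ERROR = re.compile(
    r"error code\s+(?P<ldap>\d+)\s*-\s*(?P<sspi>[0-9A-Fa-f]{8}):"
    r".*?DSID-(?P<dsid>[0-9A-Fa-f]+)"
    r".*?data\s+(?P<data>[0-9A-Fa-f]+)"
)


def parse_ad_bind_error(message):
    """Return the decoded fields of an AD bind failure, or None if absent."""
    # Mail clients and log viewers wrap the text, so collapse whitespace first.
    flat = " ".join(message.split())
    m = _BIND_ERROR.search(flat)
    if m is None:
        return None
    sub = int(m.group("data"), 16)
    meaning, category = AD_BIND_SUBCODES.get(sub, ("unrecognised sub-code", "unknown"))
    return {
        "ldap_result": int(m.group("ldap")),   # 49 = invalidCredentials
        "dsid": m.group("dsid").upper(),
        "win32_error": sub,                    # decimal value of the hex sub-code
        "meaning": meaning,
        "category": category,
    }


def summarise(messages):
    """Count failures per category so the dominant cause stands out."""
    counts = Counter()
    for msg in messages:
        parsed = parse_ad_bind_error(msg)
        counts[parsed["category"] if parsed else "not-a-bind-failure"] += 1
    return dict(counts)


# First entry is the error from the post (wrapped as posted); the second and
# third are constructed; the fourth is the connection error quoted in the thread.
SAMPLES = [
    "javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308:\n"
    "LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data 525,\n"
    "v893",
    "[LDAP: error code 49 - 80090308: LdapErr: DSID-0C09030B, "
    "comment: AcceptSecurityContext error, data 52e, v893]",
    "[LDAP: error code 49 - 80090308: LdapErr: DSID-0C09030B, "
    "comment: AcceptSecurityContext error, data 775, v893]",
    "javax.naming.CommunicationException: localhost:389 [Root exception is "
    "java.net.ConnectException: Connection refused: connect]",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(parse_ad_bind_error(sample))
    print(summarise(SAMPLES))
```
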
 


RE: Tomcat and Active Directory / 2003

2003-10-22 Thread Robyne Vaughn
Hi all,
I'm also trying to authenticate to AD from Tomcat.  I'm having some struggles.

When you use this Realm, do you specify basic or form authentication in your 
web-app.xml?

I wish I knew how your ADS forest was arranged.  I'm having trouble figuring out what 
I need to use - what trail to follow - what keywords to use.  Our AD admin is either 
not knowledgeable enough to tell me or I'm asking the wrong questions.
Thanks,
Robyne

-Original Message-
From: Pitre, Russell [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, October 08, 2003 11:34 AM
To: Tomcat Users List; [EMAIL PROTECTED]
Subject: RE: Tomcat and Active Directory / 2003


This is my realm setup in my server.xml config

<Realm className="org.apache.catalina.realm.JNDIRealm"
connectionURL="ldap://[domain controller]:389"
userBase="OU=Users,OU=Shawmut,DC=[domain],DC=com"
userSearch="(sAMAccountName={0})"
userRoleName="member"
roleBase="OU=Users,OU=Shawmut,DC=[domain],DC=com"
roleName="memberOf"
roleSearch="(memberOf=CN=tomcat,CN=Users,DC=shawmut,DC=com)"
connectionName="CN=Administrator,CN=Users,DC=shawmut,DC=com"
connectionPassword="[password]"
roleSubtree="true"
userSubtree="true"/>

hope this helps


Russ





-Original Message-
From: Matt Fury [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, October 08, 2003 1:03 PM
To: Tomcat Users List
Subject: Re: Tomcat and Active Directory / 2003

Hey Thanks for the reply.

Tried all those to no avail. :-/ I did see the Tomcat
realm how-to but I was wondering if there were issues
because it is Micro$oft we're trying to connect to and
it's 2003. Who knows, their "standard" ldap may not be
standard.

-Matt


--- Yann Cébron <[EMAIL PROTECTED]> wrote:
> Two guesses:
> 
> * Did you try using the IP-address instead or use
> the FQDN for
> connectionURL, maybe there's something wrong w/ DNS?
> 
> * Try w/o MD5 and see if it works then.
> 
> >   roleSubtree="True"
> 
> typo - or shouldn't this be "true"
> 
> I guess you already found the documentation here:
>
http://jakarta.apache.org/tomcat/tomcat-4.1-doc/realm-howto.html#JNDIRealm
> 
> HTH,
> Yann
> 
> > BTW: I am using 4.1.27 on Windows 2000 and we're
> > trying to connect to a Windows 2003 AD. Has this
> > changed at all?
> >
> > here is the error trace:
> >
> > Catalina.start: LifecycleException:  Exception
> opening
> > directory server connecti
> > on:  javax.naming.CommunicationException:
> > localhost:389 [Root exception is java.
> > net.ConnectException: Connection refused: connect]
> > LifecycleException:  Exception opening directory
> > server connection:  javax.namin
> > g.CommunicationException: localhost:389 [Root
> > exception is java.net.ConnectExcep
> > tion: Connection refused: connect]
> >
> > It keeps saying localhost:389 and I clearly don't
> have
> > it in the Realm. Here is my setup.
> >
> > <Realm className="org.apache.catalina.realm.JNDIRealm"
> >   debug="99"
> >   connectionName="cn=TomcatRole,dc=vo,dc=net"
> >   connectionPassword="***"
> >   connectionURL="ldap://orlmsdc001:389"
> >   digest="MD5"
> >   roleBase="dc=roles,dc=vo,dc=net"
> >   roleName="cn"
> >   roleSearch="(uniqueMember={0})"
> >   roleSubtree="True"
> >   userPassword="***"
> >   userPattern="cn={0},dc=vacationsonly,dc=net"  />
> >
> >
> >
> > --- Matt Fury <[EMAIL PROTECTED]> wrote:
> > > Hi All,
> > >
> > > I've been trying for several weeks to compile
> > > information on Tomcat and Active Directory
> through
> > > LDAP. I can't quite get all the information I
> need
> > > and
> > > I am hoping someone has a link to what needs to
> be
> > > done. I want to use the Realms in Tomcat but I
> can't
> > > seem to connect properly. For some reason it
> seems
> > > to
> > > keep trying to connect to localhost even though
> its
> > > not specified.
> > >
> > > Also, does SSL NEED to be implemented in order
> to
> > > get
> > > this to work? I will be doing AD connectivity
> > > through
> > > LAN only.
> > >
> > > Thanks.
> > >
> > > -Matt
> > >
> > >
> >
>



RE: Tomcat mysteriously stops responding...

2003-10-23 Thread Robyne Vaughn
I've had a similar problem and can't figure it out.  I suspect I have a
servlet which isn't closing connections correctly or isn't shutting down
properly and ties up resources.  I haven't found it yet, but someone
suggested poor programming practices from us newbies/unknowledgeables
could be the problem.  

Good luck and I hope you find it.
robyne

-Original Message-
From: Sonny Sukumar [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, October 22, 2003 5:25 PM
To: [EMAIL PROTECTED]
Subject: Tomcat mysteriously stops responding...



Hey guys,

I've had the persistent problem with Tomcat (using
Cocoon) over some months now where when I go to bed at
night my Tomcat/Cocoon server is functioning just fine
and I can access all web pages, both static and
dynamically generated (from a backend db).

But when I wake up and try to access the pages the
connection just times out and I get a totally blank
response.  This doesn't happen every single day, but
often enough to be annoying.  We're soon going live
with the site, so this happening **at all** is a scary
thought.  I can't seem to figure out what the problem
could be.  

I'm fairly sure it's Tomcat because restarting Tomcat
almost always solves the problem.  I've had this
problem through all my Tomcat upgrades (4.1.12 all the
way to 4.1.27 now) and my Cocoon upgrades (from 2.0.x
all the way until latest 2.1.2).

Has anybody else experienced this?  Any idea what it
could be?

Thanks!

Sonny 




RE: JNDIRealm...more

2003-11-04 Thread Robyne Vaughn
Hi,
I've been watching your emails and I'm still trying to understand.  I
have a couple of ldap books and I'm trying to figure some things out.  I
can authenticate to AD with known OU's and known common names, but I
can't use basic or form authentication and get them authenticated with
just a user-id and password. 

What is:
roleSearch="(memberOf=CN=tomcat,CN=Users,DC=[Domain],DC=com)"
1. Specifically, what is CN=tomcat?  Is that a role which has been
set up in AD?

What is: userBase="OU=Users,OU=[My OU],DC=[Domain],DC=com"
2. Specifically, what is OU=[My OU]?

3. What did you put in your web-app web.xml?

My AD administrators have not been able to explain our tree structure to
me.  Either I'm asking the wrong questions, or they don't understand it
either.  They have given me a copy of the script they used to load it.
I'm trying to look thru the script to discover the tree structure.

Also, they printed a screen print from their AD administrative tool.  It
has this sort of structure:
Active Directory Users and Computers
  lubbock.isd
    Builtin
    CO
    Computers
    Disabled Accounts
    Elem
    ForeignSecurityPrincipals
    HS
    JH
    LostAndFound
    Microsoft Exchange System Object
    OG
    System
    Users


Should that tell me what to plug into the OU?  I know if I hit the AD
with an Administrative name, password and its OU, then I authenticate.
For instance "CN=Administratorname,OU=CO,dc=lubbock,dc=isd");.   CO
stands for central office (in this case.)  I know that this
administrative name is in the OU=CO.  What do I do if my user is not in
OU=CO?
 
How do I authenticate when I'm not given the person's specific OU?   

I don't understand why you're specifying 2 different values for OU?

Any help would be appreciated.

Thanks,
rob

-Original Message-
From: Hart, Justin [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2003 9:13 AM
To: Tomcat Users List
Subject: RE: JNDIRealm...more


I just got it working...

A million thank yous!  I didn't really understand LDAP until learning
(some) about it yesterday, and once I started learning it, your example
made perfect sense, and now I can authenticate my users!

This rules very much!

Justin

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Monday, November 03, 2003 4:16 PM
To: [EMAIL PROTECTED]
Subject: RE: JNDIRealm...more


Here's what I have... this works for me... hope this helps

<Realm className="org.apache.catalina.realm.JNDIRealm"
connectionURL="ldap://[domain controller]:389"
userBase="OU=Users,OU=[My OU],DC=[Domain],DC=com"
userSearch="(sAMAccountName={0})"
userRoleName="member"
roleBase="OU=Users,OU=[my OU],DC=[Domain],DC=com"
roleName="memberOf"
roleSearch="(memberOf=CN=tomcat,CN=Users,DC=[Domain],DC=com)"
connectionName="CN=Administrator,CN=Users,DC=[Domain],DC=com"
connectionPassword="[password]"
roleSubtree="true"
userSubtree="true"/>

-Original Message-
From: Hart, Justin [mailto:[EMAIL PROTECTED] 
Sent: Monday, November 03, 2003 12:57 PM
To: Tomcat Users List
Subject: JNDIRealm...more

My server.xml now looks like this :




Reading through the log shows no errors, just that the realm is opening
and closing connections with my LDAP server, after 3 tries, it tells me
that I need to use http authentication.

What's going wrong here?

Justin




RE: JNDIRealm...more

2003-11-04 Thread Robyne Vaughn
Justin, 
I REALLY appreciate your help.  I've been stuck for a while.
I believe that Users  is a CN .  (scanning thru the script, I don't see
Users ever set as an OU, but I do see it as a CN.)

How are you browsing around in AD's LDAP?  I have a jndi jsp that I've
tried finding things with. 

One bit of info:  The AD I am trying to authenticate to is on a
different box than the one I work on.  I do know to hit AD with a
connection name and password, then I've tried to use the sAMAccountname
but have been unsuccessful.  I can't quite get my "path" worked out.

I will look thru the DN, to see if I can find where all the users are a
member.  

In my web.xml, I have tried form based and basic authentication.  Which
are you using and don't you have to specify  this stuff?:

   
  
  
   
   
   
   
 

   


   


  


Would the role-name be the entry in the tomcat users or would it be an
entry in the AD?
This is a new web-app I'm trying to get up and it will be the first one
in our group to authenticate against the AD.
Our previous authentication is being eliminated.

-Original Message-
From: Hart, Justin [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2003 11:14 AM
To: Tomcat Users List
Subject: RE: JNDIRealm...more


1)  In terms of active directory, the roleSearch, in this case, would be
a group that the person logging in needs to be a member of.  In terms of
mine, it would be the "ALL" mailing list for my company.  What you need
to do, is browse around in active directory's LDAP (I assume that you're
doing this against active directory) and find the entry that describes
the NT group that you want all of your members to be a member of.
CN=tomcat is just part of the DN that identifies that group for the
other guy in this thread.
2)  K, you need to get to your base directory that contains users.
That could be multiple OU's deep, in terms of active directory, it
probably is, you'll probably have 1 layer for say, job sites, and
another for Users (hence Users).  You'll see it if you browse down your
active directory tree... just enter the DN describing the level
containing your users.
3)  web.xml contains the stuff specific to logging in, so essentially,
whatever you use for authentication now, can still be used, as long as
the data jibes with what's in your active directory.

Is that User's there a CN or a OU?

Justin


RE: JNDIRealm...more

2003-11-04 Thread Robyne Vaughn
Thanks, Justin,
You've given me some good pointers.  I guess I'll do some more hammering
and snooping.
Our AD is on a server and the administrators gave me an administrator
type password to try hitting it with, but they don't want me snooping
around too much.  I don't actually have direct access to it.  Like I
said, I have hit it with some JNDI, but that is new to me also, and I
still couldn't discover the tree structure adequately. 
Anyway, I guess I'll try to pull things out of the loading script and my
LDAP books.  It's so frustrating.  I can't find and the administrators
don't know where the collective "all" of our users are located.  They
found an example script, used it, and don't really know what they have
yet.

I really appreciate your time.
Thanks, 
Rob
Ps I expect I'll have more questions later.  Right now, I'm still stuck
just figuring out where "all users" are.

-Original Message-
From: Hart, Justin [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2003 11:40 AM
To: Tomcat Users List
Subject: RE: JNDIRealm...more


Oh, for the AD LDAP, I've been using the programs that came with Active
Directory.  There is also an ldp.exe, I dunno where that came from, but
that's pretty useful.

-Original Message-
From: Hart, Justin 
Sent: Tuesday, November 04, 2003 12:39 PM
To: Tomcat Users List
Subject: RE: JNDIRealm...more


I used * as my role-name.

Justin


RE: JNDIRealm...more

2003-11-04 Thread Robyne Vaughn
Thanks.

-Original Message-
From: Hart, Justin [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2003 12:10 PM
To: Tomcat Users List
Subject: RE: JNDIRealm...more


Good luck.


RE: JNDIRealm...more

2003-11-05 Thread Robyne Vaughn
Dean,
WOW, this is enlightening.  
Thanks,  I'll let you know how it goes.  I believe I have the connection
name part working.  I have not been able to find the user.  This helps a
lot.  
Much appreciation,
I'll let you know how it goes.
Rob


-Original Message-
From: Dean Searle [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2003 9:48 PM
To: Tomcat Users List
Subject: RE: JNDIRealm...more


Hello,

I hope that I am not too late to post here. I have just returned to the
land of the living and have started to catch up on my reading. I noticed
that Robyne you were trying to find the "collective all" for your users.
I have just recently figured this out after working on it for two days.
Here is my working server.xml:

<Realm className="org.apache.catalina.realm.JNDIRealm"
   connectionURL="ldap://your.AD.com"
   alternateURL="ldap://other.AD.com"
   connectionName="cn=USER DISPLAY NAME,ou=FIRST SUB-GROUP,dc=AD,dc=com"
   connectionPassword="XX"
   referrals="follow"
   userBase="dc=AD,dc=com"
   userSearch="(&amp;(sAMAccountName={0})(objectClass=user))"
   userSubtree="true"
   roleBase="dc=AD,dc=com"
   roleSearch="(uniqueMember={0})"
   roleName="cn"
   />

KEY:

cn = common name
ou = organizational unit
dc = domain controller

your.AD.com        >  www.yahoo.com
other.AD.com       >  mail.yahoo.com
USER DISPLAY NAME  >  This is the full name that shows up in your AD,
                      ie user might be johnd but full name is John Doe.

For the connection name and password, it must be user that has
authority to access AD. This part is necessary to connect.

FIRST SUB-GROUP    >  This depends on how your organization is built in
                      AD. You might have departments like: Accounting,
                      Human Resources, Information Technologies.

In an AD structure it might look something like this:

COM
|
|_Yahoo
  |
  |
  |_Accounting
  |   |_John Doe
  |
  |_Information Technologies
  |   |_Jack Daniels
  |
  |_Human Resources
      |_Mary Jane

sAMAccountName      >  is the account name you most commonly login into
                       your computers with
objectClass="user"  >  this should be user, as defined in AD unless your
                       sys admin or someone has tampered the AD.
referrals="follow"  >  this is necessary to traverse the full AD without
                       knowing the user's base location.

I hope that this clears up some issues for you. Please let me know if I
can help you more.


Dean E. Searle
Computing Oasis
989.245.7369 (P)
989.921.3904 (F)
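
Added example (not from the thread and not Tomcat's own code): a small in-memory model of how `userBase`, `userSearch` and `userSubtree` combine, showing why a base of `CN=Users,...` misses an account stored under `OU=CO` and why a subtree search from the domain root finds it. The directory entries, account names and helper names are constructed for illustration, and the filter parser covers only the equality and `&` forms used in the thread.

```python
# Constructed entries, shaped like the tree described in the thread: most
# accounts sit in per-site OUs (CO, HS, ...), not in CN=Users.
DIRECTORY = [
    {"dn": "CN=John Doe,OU=CO,DC=lubbock,DC=isd", "objectClass": "user",
     "sAMAccountName": "jdoe", "userPrincipalName": "jdoe@lubbock.isd"},
    {"dn": "CN=Mary Jane,OU=Staff,OU=HS,DC=lubbock,DC=isd", "objectClass": "user",
     "sAMAccountName": "mjane", "userPrincipalName": "mjane@lubbock.isd"},
    {"dn": "CN=Administrator,CN=Users,DC=lubbock,DC=isd", "objectClass": "user",
     "sAMAccountName": "Administrator"},
    {"dn": "CN=Staff,OU=CO,DC=lubbock,DC=isd", "objectClass": "group",
     "sAMAccountName": "staff"},
]


def rdns(dn):
    """Split a DN into lower-cased RDNs (assumes no escaped commas)."""
    return [part.strip().lower() for part in dn.split(",")]


def in_scope(entry_dn, base_dn, subtree):
    """True if the entry lies below base_dn (the base entry itself is ignored)."""
    e, b = rdns(entry_dn), rdns(base_dn)
    if len(e) <= len(b) or e[-len(b):] != b:
        return False
    # userSubtree="false" searches only the direct children of the base.
    return subtree or len(e) == len(b) + 1


def parse_filter(text):
    """Parse (attr=value) and (&(...)(...)) into a nested tuple."""
    s = text.strip()
    node, pos = _parse_node(s, 0)
    if pos != len(s):
        raise ValueError("unexpected text after filter")
    return node


def _parse_node(s, i):
    if s[i:i + 1] != "(":
        raise ValueError("filter component must start with '('")
    if s[i + 1:i + 2] == "&":
        i += 2
        parts = []
        while s[i:i + 1] == "(":
            part, i = _parse_node(s, i)
            parts.append(part)
        if s[i:i + 1] != ")" or not parts:
            raise ValueError("malformed AND filter")
        return ("and", parts), i + 1
    end = s.find(")", i)
    attr, eq, value = s[i + 1:end].partition("=")
    if end < 0 or not eq or not attr:
        raise ValueError("malformed equality filter")
    return ("eq", attr.strip(), value), end + 1


def bind_username(node, username):
    """Fill {0} after parsing, so the name can only ever be a value."""
    if node[0] == "and":
        return ("and", [bind_username(p, username) for p in node[1]])
    return ("eq", node[1], node[2].replace("{0}", username))


def matches(node, entry):
    if node[0] == "and":
        return all(matches(p, entry) for p in node[1])
    _, attr, value = node
    actual = next((v for k, v in entry.items() if k.lower() == attr.lower()), None)
    return actual is not None and actual.lower() == value.lower()


def find_user_dn(username, user_base, user_search, user_subtree):
    """Return the single matching DN, or None when nothing or several match."""
    flt = bind_username(parse_filter(user_search), username)
    hits = [e["dn"] for e in DIRECTORY
            if in_scope(e["dn"], user_base, user_subtree) and matches(flt, e)]
    return hits[0] if len(hits) == 1 else None


if __name__ == "__main__":
    root = "DC=lubbock,DC=isd"
    whole_tree = "(&(sAMAccountName={0})(objectClass=user))"
    # Base limited to CN=Users: the account in OU=CO is out of scope.
    print(find_user_dn("jdoe@lubbock.isd", "CN=Users,dc=Lubbock,dc=isd",
                       "(userPrincipalName={0})", True))
    # Domain root without subtree: only direct children are examined.
    print(find_user_dn("jdoe", root, "(sAMAccountName={0})", False))
    # Domain root with subtree: found without knowing the OU.
    print(find_user_dn("jdoe", root, whole_tree, True))
```

The DN returned by the search is what the realm then uses to check the password, so the user never has to supply an OU.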
 



RE: JNDIRealm...more

2003-11-05 Thread Robyne Vaughn
Dean!
Mine works!
A thousand thanks!
I hope I can return the favor some time.
Your nice explanation helped. 
 
I did not need the alternateURL in mine.  I found out that we have 2 mail
servers, well the server.xml only allows for 1 alternate.  I decided to
try it without any and it worked.

Much appreciation,
Robyne Vaughn
  

-Original Message-
From: Dean Searle [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2003 9:48 PM
To: Tomcat Users List
Subject: RE: JNDIRealm...more


Hello,

I hope that I am not to late to post here. I have just returned to the
land of the living and have started to catch up on my reading. I noticed
that Robyne you were trying to find the "collective all" for your users.
I have just recently figured this out after working on it for two days.
Here is my working server.xml:

ldap://your.AD.com";
   alternateURL="ldap://other.AD.com";
   connectionName="cn=USER DISPLAY NAME,ou=FIRST
SUB-GROUP,dc=AD,dc=com"
   connectionPassword="XX"
   referrals="follow"
   userBase="dc=AD,dc=com"

userSearch="(&(sAMAccountName={0})(objectClass=user))"
   userSubtree="true"
   roleBase="dc=AD,dc=com"
   roleSearch="(uniqueMember={0})"
   roleName="cn"
   />

KEY:

cn = common name
ou = organizational unit
dc = domain controller

your.AD.com         >  www.yahoo.com
other.AD.com        >  mail.yahoo.com
USER DISPLAY NAME   >  This is the full name that shows up in your AD,
                       i.e. user might be johnd but full name is John Doe.
For the connection name and password, it must be a user that has
authority to access AD. This part is necessary to connect.

FIRST SUB-GROUP     >  This depends on how your organization is built in
                       AD. You might have departments like: Accounting,
                       Human Resources, Information Technologies.

In an AD structure it might look something like this:

COM
|
|_Yahoo
  |
  |_Accounting
  |   |_John Doe
  |
  |_Information Technologies
  |   |_Jack Daniels
  |
  |_Human Resources
      |_Mary Jane

sAMAccountName      >  is the account name you most commonly log in to
                       your computers with
objectClass="user"  >  this should be user, as defined in AD, unless your
                       sys admin or someone has tampered with the AD.
referrals="follow"  >  this is necessary to traverse the full AD
                       without knowing the user's base location.

I hope that this clears up some issues for you. Please let me know if I
can help you more.


Dean E. Searle
Computing Oasis
989.245.7369 (P)
989.921.3904 (F)
 


-Original Message-
From: Robyne Vaughn [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2003 1:25 PM
To: Tomcat Users List
Subject: RE: JNDIRealm...more


Thanks.

-Original Message-
From: Hart, Justin [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2003 12:10 PM
To: Tomcat Users List
Subject: RE: JNDIRealm...more


Good luck.

-Original Message-
From: Robyne Vaughn [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2003 1:07 PM
To: Tomcat Users List
Subject: RE: JNDIRealm...more


Thanks, Justin,
You've given me some good pointers.  I guess I'll do some more hammering
and snooping. Our AD is on a server and the administrators gave me an
administrator type password to try hitting it with, but they don't want
me snooping around too much.  I don't actually have direct access to it.
Like I said, I have hit it with some JNDI, but that is new to me also,
and I still couldn't discover the tree structure adequately. 
Anyway, I guess I'll try to pull things out of the loading script and my
LDAP books.  It's so frustrating.  I can't find and the administrators
don't know where the collective "all" of our users are located.  They
found an example script, used it, and don't really know what they have
yet.

I really appreciate your time.
Thanks, 
Rob
Ps I expect I'll have more questions later.  Right now, I'm still stuck
just figuring out where "all users" are.

-Original Message-
From: Hart, Justin [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2003 11:40 AM
To: Tomcat Users List
Subject: RE: JNDIRealm...more


Oh, for the AD LDAP, I've been using the programs that came with Active
Directory.  There is also an ldp.exe, I dunno where that came from, but
that's pretty useful.

-Original Message-
From: Hart, Justin 
Sent: Tuesday, November 04, 2003 12:39 PM
To: Tomcat Users List
Subject: RE: JNDIRealm...more


I used * as my role-name.

Justin

-Original Message-
From: Robyne Vaughn [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2003 12:38 PM
To: Tomcat Users 

RE: JNDIRealm...more

2003-11-05 Thread Robyne Vaughn
Thanks for the pointer, I'll see about pointing to one of our 2 mail
servers.  I wonder if they "talk" back and forth.
Also,
Do you know how I can extract the signed-on user's user-id once they've
authenticated?
robyne

-Original Message-
From: Dean Searle [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, November 05, 2003 2:06 PM
To: Tomcat Users List
Subject: RE: JNDIRealm...more


Great to hear that information worked for you. I included the
alternateURL in the event our primary AD went down for one reason or
another and our users could still access the password protected sites.
Without an alternate AD active or specified you will not have access to
your web applications.



RE: JNDIRealm...more

2003-11-06 Thread Robyne Vaughn
I can use that.  Thanks.
Robyne

-Original Message-
From: Dean Searle [mailto:[EMAIL PROTECTED] 
Sent: Thursday, November 06, 2003 5:58 AM
To: Tomcat Users List
Subject: RE: JNDIRealm...more


getRemoteUser(), if you're familiar with JSPs then you'll know how to use
it. Unfortunately I don't, but I guess that is why we have web
application developers on staff. :-)

Dean Searle
Computing Oasis
989.245.7369 (p)
989.921.3904 (f)


RE: How could I solve this error

2003-11-06 Thread Robyne Vaughn

Error snippet:
root cause 

java.lang.NoClassDefFoundError: javax/servlet/http/HttpServlet



I think I remember this happening to me when I saved my servlet as one
name, but inside the servlet, the class name was something else.
robyne

-Original Message-
From: Javier [mailto:[EMAIL PROTECTED] 
Sent: Thursday, November 06, 2003 5:26 AM
To: Tomcat Users List
Subject: How could I solve this error



I tried to run my first servlet and got this error:


description The server encountered an internal error () that prevented
it from fulfilling this request.

exception 

javax.servlet.ServletException: Error allocating a servlet instance
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:164)
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:578)
org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:209)
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:781)
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:549)
org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:589)
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:666)
java.lang.Thread.run(Unknown Source)


root cause 

java.lang.NoClassDefFoundError: javax/servlet/http/HttpServlet
java.lang.ClassLoader.defineClass0(Native Method)
java.lang.ClassLoader.defineClass(Unknown Source)
java.security.SecureClassLoader.defineClass(Unknown Source)
java.net.URLClassLoader.defineClass(Unknown Source)
java.net.URLClassLoader.access$100(Unknown Source)
java.net.URLClassLoader$1.run(Unknown Source)
java.security.AccessController.doPrivileged(Native Method)
java.net.URLClassLoader.findClass(Unknown Source)
java.lang.ClassLoader.loadClass(Unknown Source)
java.lang.ClassLoader.loadClass(Unknown Source)
sun.misc.Launcher$AppClassLoader.loadClass(Unknown Source)
java.lang.ClassLoader.loadClass(Unknown Source)
org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1278)
org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1212)
java.lang.ClassLoader.loadClassInternal(Unknown Source)
java.lang.ClassLoader.defineClass0(Native Method)
java.lang.ClassLoader.defineClass(Unknown Source)
java.security.SecureClassLoader.defineClass(Unknown Source)
org.apache.catalina.loader.WebappClassLoader.findClassInternal(WebappClassLoader.java:1652)
org.apache.catalina.loader.WebappClassLoader.findClass(WebappClassLoader.java:883)
org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1332)
org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1212)
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:164)
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:578)
org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:209)
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:781)
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:549)
org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:589)
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:666)
java.lang.Thread.run(Unknown Source)





-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





RE: How could I solve this error

2003-11-06 Thread Robyne Vaughn
Ps.  I also tried to invoke it under the name it was saved under
rob




Tomcat Authenticates to AD. How do I access AD variables?

2003-11-11 Thread Robyne Vaughn
Hi,
Thanks to Dean Searle my Tomcat now Authenticates to Active Directory
with this in my server.xml
(of course, the names have been changed to protect the innocent)
 
<Realm className="org.apache.catalina.realm.JNDIRealm"
  connectionURL="ldap://99.999.9.9:389"
  connectionName="CN=connectionUID,OU=connectionUIDou,dc=mycompany,dc=isd"
  connectionPassword="connectionUIDpassword"
  referrals="follow"
  userBase="dc=mycompany,dc=isd"
  userSearch="(&amp;(sAMAccountName={0})(objectClass=user))"
  userSubtree="true"
  roleBase="dc=mycompany, dc=isd"
  roleSearch="(uniqueMember={0})"
  roleName="cn"
 />
 
My web-app/web.xml fires off a form for authentication when my web-app
opening .jsp is requested.  After being authenticated the opening .jsp
fires off.
 
In my opening .jsp, how can I get user data from Active Directory?
 
For instance, how would I retrieve their Surname, firstname, and e-mail
address from AD using my .jsp after Tomcat has authenticated them?
 
getRemoteUser gives me their login id, but I don't know how to get to
all their data since I don't know the path along which Tomcat found them
and authenticated them.
 
 
thanks,
Robyne Vaughn
 
 


RE: Tomcat Authenticates to AD. How do I access AD variables?

2003-11-12 Thread Robyne Vaughn
Tim, 
Thanks for your reply.  I do mean attributes.
I don't know much about JNDI. (excuse me if I don't know the correct
wording).

  I do have one little JNDI program which I copied and altered. It hits
active directory with an authorized connection name and OU and etc.  All
of which are hard-coded.  Then, I change context to another hardcoded
name and OU and can get certain attributes with that info. If I don't
specify an OU, I don't find what I'm looking for. The problem is that
when a user logs in, I don't know what their OU is.  Tomcat handles that
for me.  I don't know how to plug in the correct "path" in to a user's
data.  All I know is getRemoteUser and that 1 little piece of info isn't
enough to find a user's attributes with.  When I look in my logs, I can
see what DN tomcat followed to authenticate my user.  That hints to me
that I ought to be able to extract the "path" (DN?) to use.

All I know about JNDI, I've found out in the last 2 weeks.  If you have
some coding examples you would care to share.  I would greatly
appreciate it.  (I have seen the sun tutorial - it's incomplete where AD
is concerned)

Much appreciation
Robyne



-Original Message-
From: Tim Funk [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 11, 2003 6:51 PM
To: Tomcat Users List
Subject: Re: Tomcat Authenticates to AD. How do I access AD variables?


All their data? Do you mean the attributes of the user as stored in Active
Directory? If that is the case - tomcat (or any servlet container) doesn't
provide this functionality. But you can "easily" look it up via some JNDI
calls since you know the name of the user.

-Tim

Robyne Vaughn wrote:

> My web-app/web.xml fires off a form for authentication when my web-app

> opening .jsp is requested.  After being authenticated the opening .jsp

> fires off.
>  
> In my opening .jsp, how can I get user data from Active Directory?
>  
> For instance, how would I retrieve their Surname, firstname, and 
> e-mail address from AD using my .jsp after Tomcat has authenticated 
> them?
>  
> getRemoteUser gives me their login id, but I don't know how to get to 
> all their data since I don't know the path along which Tomcat found 
> them and authenticated them.






RE: [OT] Re: Tomcat Authenticates to AD. How do I access AD variables?

2003-11-12 Thread Robyne Vaughn
Thanks, Tim.
That's a lot of help.
Robyne

-Original Message-
From: Tim Funk [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, November 12, 2003 8:04 AM
To: Tomcat Users List
Subject: [OT] Re: Tomcat Authenticates to AD. How do I access AD
variables?


From the user id that tomcat returns, you'll need to determine the DN.
Which you can do (I think) this way:

1) When constructing your context, use "follow", which makes it nice when you
are using a forest of domains (if that's the right term) for example:
   env.put(Context.REFERRAL, "follow");
2) Get the DN from the userid. Here I assume sAMAccountName is used for userid.
   SearchControls constraints = new SearchControls();
   constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
   NamingEnumeration results =
      ctx.search(organization_,
                 "(&(sAMAccountName=" + userId + "))",
                 constraints);
3) You should now have the DN so you may do subsequent attribute lookups
through normal JNDI calls. (I think)

I don't do much JNDI stuff, so I can't vouch that the above is in any manner
correct. (But I hope it is)

-Tim

Robyne Vaughn wrote:

> Tim, 
> Thanks for your reply.I do mean attributes.
> I don't know much about JNDI. (excuse me if I don't know the correct 
> wording).
> 
>   I do have one little JNDI program which I copied and altered. It 
> hits active directory with an authorized connection name and OU and 
> etc.  All of which are hard-coded.  Then, I change context to another 
> hardcoded name and OU and can get certain attributes with that info. 
> If I don't specify an OU, I don't find what I'm looking for. The 
> problem is that when a user logs in, I don't know what their OU is.  
> Tomcat handles that for me.  I don't know how to plug in the correct 
> "path" in to a user's data.  All I know is getRemoteUser and that 1 
> little piece of info isn't enough to find a user's attributes with.  
> When I look in my logs, I can see what DN tomcat followed to 
> authenticate my user.  That hints to me that I ought to be able to 
> extract the "path" (DN?) to use.
> 
> All I know about JNDI, I've found out in the last 2 weeks.  If you 
> have some coding examples you would care to share.  I would greatly 
> appreciate it.  (I have seen the sun tutorial - it's incomplete where 
> AD is concerned)
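
The lookup Tim outlines above, written out as an added example (not code from the thread or from Tomcat): it resolves the DN from the login id that getRemoteUser() returns and reads sn, givenName and mail. The class name AdUserLookup, the AD_BIND_PASSWORD environment variable and the command-line arguments are assumptions; the login id is passed as a filter argument instead of being concatenated into the filter, so JNDI escapes any filter metacharacters in it.

```java
import java.util.Hashtable;
import java.util.LinkedHashMap;
import java.util.Map;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

/** Added example (hypothetical class name): fetch AD attributes for an authenticated login id. */
public class AdUserLookup {

    // The attributes asked about in the thread: surname, first name, e-mail address.
    private static final String[] WANTED = {"sn", "givenName", "mail"};

    // Same filter shape as the realm's userSearch; {0} is filled in by JNDI.
    private static final String USER_FILTER = "(&(sAMAccountName={0})(objectClass=user))";

    /** Binds with a service account, as the JNDIRealm does with connectionName/connectionPassword. */
    static DirContext open(String url, String bindDn, String password) throws NamingException {
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url);   // a simple bind over ldap:// is unencrypted; prefer ldaps://
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, bindDn);
        env.put(Context.SECURITY_CREDENTIALS, password);
        env.put(Context.REFERRAL, "follow");  // step 1 of the outline above
        return new InitialDirContext(env);
    }

    /**
     * Searches the whole subtree under baseDn for exactly one user entry.
     * Returns the entry's DN under the key "dn" plus whichever WANTED attributes are set,
     * or null when no entry matches.
     */
    static Map<String, String> lookup(DirContext ctx, String baseDn, String loginId)
            throws NamingException {
        SearchControls controls = new SearchControls();
        controls.setSearchScope(SearchControls.SUBTREE_SCOPE); // the user's OU is unknown
        controls.setReturningAttributes(WANTED);               // fetch only what is needed
        controls.setCountLimit(2);                             // enough to detect a duplicate

        // Passing loginId as a filter argument (not by string concatenation) lets JNDI
        // escape characters such as '*', '(' and ')' so they cannot alter the filter.
        NamingEnumeration<SearchResult> results =
                ctx.search(baseDn, USER_FILTER, new Object[] {loginId}, controls);
        try {
            if (!results.hasMore()) {
                return null;
            }
            SearchResult entry = results.next();
            if (results.hasMore()) {
                throw new NamingException("more than one entry matches " + loginId);
            }
            Map<String, String> out = new LinkedHashMap<>();
            out.put("dn", entry.getNameInNamespace());
            Attributes attrs = entry.getAttributes();
            for (String name : WANTED) {
                Attribute a = attrs.get(name);
                if (a != null && a.get() != null) {
                    out.put(name, a.get().toString());
                }
            }
            return out;
        } finally {
            results.close();
        }
    }

    /** Usage: java AdUserLookup ldapUrl bindDn baseDn loginId (password in AD_BIND_PASSWORD). */
    public static void main(String[] args) throws NamingException {
        String password = System.getenv("AD_BIND_PASSWORD");
        if (args.length != 4 || password == null) {
            System.err.println("usage: AD_BIND_PASSWORD=... java AdUserLookup "
                    + "<ldapUrl> <bindDn> <baseDn> <loginId>");
            System.exit(2);
        }
        DirContext ctx = open(args[0], args[1], password);
        try {
            // In a JSP or servlet, loginId would be request.getRemoteUser().
            Map<String, String> user = lookup(ctx, args[2], args[3]);
            System.out.println(user == null ? "no such user" : user.toString());
        } finally {
            ctx.close();
        }
    }
}
```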






Timestamp on log is 6 hours ahead of system time.

2003-11-13 Thread Robyne Vaughn
Can anyone tell me why the timestamp on my Tomcat logs (catalina.out),
and web-app logs is about 6 hours ahead of the system time on the system
on which tomcat runs?  How can I fix it to find the correct or the
system time?
 
thanks,
 
Robyne K. Vaughn


RE: Timestamp on log is 6 hours ahead of system time.

2003-11-14 Thread Robyne Vaughn
Thanks.  That somewhat answers the question.  Would you know how I can
fix the problem?  How would I check to see what timezone the jvm is
pointing to - and then how would I set it to the correct time?   I would
be the current user who starts Tomcat.  I don't know if I(user) have any
time specifications separate from the system. 

-Original Message-
From: Tim Funk [mailto:[EMAIL PROTECTED] 
Sent: Thursday, November 13, 2003 7:45 PM
To: Tomcat Users List
Subject: Re: Timestamp on log is 6 hours ahead of system time.


The JVM is probably thinking the current timezone is wrong. Or the current
user running the java process has that problem.

-Tim

Robyne Vaughn wrote:

> Can anyone tell me why the timestamp on my Tomcat logs (catalina.out),

> and web-app logs is about 6 hours ahead of the system time on the 
> system on which tomcat runs?  How can I fix it to find the correct or 
> the system time?
>   





RE: Timestamp on log is 6 hours ahead of system time.

2003-11-14 Thread Robyne Vaughn
Thanks.   That helps a lot.  However, not unix,  IBM OS/400.  I know
where to look for help with that.
Much appreciation.
robyne

-Original Message-
From: Tim Funk [mailto:[EMAIL PROTECTED] 
Sent: Friday, November 14, 2003 8:02 AM
To: Tomcat Users List
Subject: Re: Timestamp on log is 6 hours ahead of system time.


To check, dump your System variables; the time zone variable should be
obvious to pick out from all System properties.

To set
1) Set the appropriate system property (CATALINA_OPTS=-D???)
or
2) (Unix) Make sure your TZ environment var is correct (YMMV depending on
unix flavor)

-Tim

Robyne Vaughn wrote:

> Thanks.  That somewhat answers the question.  Would you know how I can
> fix the problem?  How would I check to see what timezone the jvm is
> pointing to - and then how would I set it to the correct time?   I would
> be the current user who starts Tomcat.  I don't know if I(user) have
> any time specifications separate from the system.
> 





which jar files help accomplish JNDI/LDAP/ADS authentication in 4.1.12

2004-09-10 Thread Robyne Vaughn
I have a configuration of tomcat 4.1.17 which uses a JNDI realm to
authenticate to Active Directory Server.  It works well.  Unfortunately,
I must accomplish the same thing in a configuration of Tomcat 4.1.12 in
order to be in step with a vendor supplied tool.  4.1.12 is not able to
accomplish this particular goal due to a problem in the way it issues an
error message inappropriately  "javax.naming.PartialResultException"
and then fails to authenticate.
 
I would like to know which jar files I need to copy from my tomcat
4.1.17 to replace in my 4.1.12 in order to accomplish the JNDI/LDAP
processing.  I've already copied the common/lib/jndi.jar  and
common/lib/naming-factory.jar and they haven't been enough to fix the
problem.  I need to move as little as possible so as to maintain the
4.1.12 integrity for my vendor supplied tool.
 
Any suggestions would be so appreciated.
Thanks,
[EMAIL PROTECTED]


Authentication and Re-Authentication on Tomcat 4.1.24 for Authorization

2005-05-24 Thread Robyne Vaughn
In my server.xml, I have a JNDI realm which works for authenticating
every user against Microsoft Active Directory.  

 

The user requests a URL which I have set up as an alias in my web.xml
for a servlet which authenticates the user against the active directory
and then does a dispatcher.forward(request,response) to what is
essentially an opening page for the user.  (A menu of links to specific
programs.)

 

I am trying to implement further authorization for certain programs for
administrators.

 

If a person tries to open (I'm only testing 1 page at the moment) the
protected page, before doing the dispatcher.forward(request,response), I
rewrite the http header to be basic authentication in an effort to trick
Tomcat into re-authenticating for this page.

 

  response.setStatus(response.SC_UNAUTHORIZED); // Ie 401

  response.setHeader("WWW-AUTHENTICATE","BASIC");

 dispatcher.forward(request,response);

 

I have set up a context fragment similar to
tomcat_home/webapps/application.xml trying to set up the additional
authentication.

 

It wants to use the user database, and in fact, it does pop up the basic
login window after one has cleared the jndi authentication.  However,
after 3 attempts to login, it neither gives me a "bad password" message,
nor a "successful" message, instead after the 3 attempts, it just allows
the already authenticated user access whether or not they have been
assigned the appropriate role in the tomcat-users.xml.

 

Any ideas why it doesn't seem to be actually using the tomcat-users.xml?

It's a miracle that it's this close to working.  I'm feeling my way
through this, I'm not very experienced at Tomcat or Java or Jndi, I only
touch on them occasionally.  So, please answer in full, rich answers.

 

Robyne  Vaughn


RE: Authentication and Re-Authentication on Tomcat 4.1.24 for Authorization

2005-05-31 Thread Robyne Vaughn
I have done more related to this challenge:

In my servlet, I've tried:
   response.setStatus(response.SC_UNAUTHORIZED); // Ie 401
   response.setHeader("WWW-AUTHENTICATE","BASIC realm=\"UserDatabase\"");
   //commenting out this one:
   //   response.setHeader("WWW-AUTHENTICATE","BASIC");
   dispatcher.forward(request,response);

That change makes "UserDatabase" appear on the basic auth. Dialog box.

I've also tried the above like this:

session.invalidate();
response.setStatus(response.SC_UNAUTHORIZED); // Ie 401
response.setHeader("WWW-AUTHENTICATE","BASIC realm=\"UserDatabase\"");
// response.setHeader("WWW-AUTHENTICATE","BASIC");
dispatcher.forward(request,response);

That change means that I end up in a never ending loop where the
original login form opens, I login, authenticate, then after I attempt
to clear the basic authentication, I am sent back to the form
authentication, then basic, then form, and on, and on.  This tells me
that my server.xml is overriding my application.xml.

Here is my tomcat_home/webapps/application.xml :



//  
//  Link to the UserDatabase instance from which
//  we request lists of defined role names.
//
UserDatabase
//
org.apache.catalina.UserDatabase
//  

   




mrcjava
 
/LNGDIST/AdminOptions.jsp
/mrcjava/GetAttsAdmin


NTSADMIN




BASIC
mrcjava



The role that is required to log in to
the Manager Application
NTSADMIN



  




Thanks for any help.


Robyne K. Vaughn
Programmer/Analyst
Lubbock ISD
1628 19th St
Lubbock, TX 79401
806-766-1119


-Original Message-
From: Robyne Vaughn 
Sent: Tuesday, May 24, 2005 9:05 AM
To: tomcat-user@jakarta.apache.org
Subject: Authentication and Re-Authentication on Tomcat 4.1.24 for
Authorization


In my server.xml, I have a JNDI realm which works for authenticating
every user against Microsoft Active Directory.  

 

The user requests a URL which I have set up as an alias in my web.xml
for a servlet which authenticates the user against the active directory
and then does a dispatcher.forward(request,response) to what is
essentially an opening page for the user.  (A menu of links to specific
programs.)

 

I am trying to implement further authorization for certain programs for
administrators.

 

If a person tries to open (I'm only testing 1 page at the moment) the
protected page, before doing the dispatcher.forward(request,response), I
rewrite the http header to be basic authentication in an effort to trick
Tomcat into re-authenticating for this page.

 

  response.setStatus(response.SC_UNAUTHORIZED); // Ie 401

  response.setHeader("WWW-AUTHENTICATE","BASIC");

 dispatcher.forward(request,response);

 

I have set up a context fragment similar to
tomcat_home/webapps/application.xml trying to set up the additional
authentication.

 

It wants to use the user database, and in fact, it does pop up the basic
login window after one has cleared the jndi authentication.  However,
after 3 attempts to login, it neither gives me a "bad password" message,
nor a "successful" message, instead after the 3 attempts, it just allows
the already authenticated user access whether or not they have been
assigned the appropriate role in the tomcat-users.xml.

 

Any ideas why it doesn't seem to be actually using the tomcat-users.xml?

It's a miracle that it's this close to working.  I'm feeling my way
through this, I'm not very experienced at Tomcat or Java or Jndi, I only
touch on them occasionally.  So, please answer in full, rich answers.

 

Robyne  Vaughn

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



RE: Blocking urls

2005-06-23 Thread Robyne Vaughn


I am also looking for a way to "block" access for administrator pages.
Could you fill me in also?
Thanks,
Robyne

-Original Message-
From: Jim Henderson [mailto:[EMAIL PROTECTED] 
Sent: Thursday, June 23, 2005 7:49 AM
To: Tomcat Users List
Subject: RE: Blocking urls


Found a solution: using filters to "block" direct access to the Web
pages.

-Original Message-
From: Jim Henderson [mailto:[EMAIL PROTECTED]
Sent: Wednesday, June 22, 2005 8:48 AM
To: Tomcat Users List
Subject: Blocking urls



I am working on porting a WebSphere JSP application to Tomcat.

I can not seem to find a way in Tomcat to block access to valid pages
within the application.  I don't want the user to access selected pages
by them typing the URL to the pages in question.

Is there a means to prevent this in Tomcat?
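
A servlet filter of the kind mentioned in this thread, as an added example that is not code from any poster or from Tomcat itself: it refuses direct requests to the admin URLs unless the container-authenticated user holds the required role. The class name AdminRoleFilter and the init-param name "role" are hypothetical, and it assumes the realm that authenticated the user supplies the NTSADMIN role.

```java
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Added example (hypothetical class name). Declare it in web.xml with a
 * <filter> entry and one <filter-mapping> per protected URL, for instance
 * /LNGDIST/AdminOptions.jsp and /mrcjava/GetAttsAdmin from the thread.
 */
public class AdminRoleFilter implements Filter {
    private String requiredRole = "NTSADMIN"; // role name taken from the thread

    public void init(FilterConfig config) throws ServletException {
        // Optional init-param "role" (assumed name) overrides the default.
        String configured = config.getInitParameter("role");
        if (configured != null && configured.trim().length() > 0) {
            requiredRole = configured.trim();
        }
    }

    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        if (!(req instanceof HttpServletRequest) || !(res instanceof HttpServletResponse)) {
            throw new ServletException("AdminRoleFilter handles HTTP requests only");
        }
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;

        // Fail closed: no authenticated principal, or principal lacks the role.
        // The roles checked are those of the realm that logged the user in;
        // sending a second authentication challenge does not change them.
        if (request.getUserPrincipal() == null || !request.isUserInRole(requiredRole)) {
            response.sendError(HttpServletResponse.SC_FORBIDDEN);
            return;
        }
        // Keep admin pages out of browser and proxy caches.
        response.setHeader("Cache-Control", "no-store");
        chain.doFilter(request, response);
    }

    public void destroy() {
        // Nothing to release.
    }
}
```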






RE: save form-data in xml-file

2005-09-27 Thread Robyne Vaughn
not necessarily a tomcat question, but once-upon-a-time I had a similar
situation accessing JDBC data.  As long as I ran my app directly, I
could do so, but once embedded in servlet it would not.  It turned out
that it was an authorization problem.  While running the app directly, I
was logged in and had authorization, from the servlet, I had not
provided any password or signon.  I had to put a user-id and password
into my servlet-application to gain access to the data.

Robyne K. Vaughn

 



-Original Message-
From: Anne Milbert [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, September 27, 2005 9:44 AM
To: tomcat-user@jakarta.apache.org
Subject: save form-data in xml-file


Hi,

I got a problem in saving the data submitted by a form in a xml-file. I
wrote a servlet which uses a method createXML() to put the form-data
into a xml-file. The problem is: I can't run this method in the servlet.
But if I put it in a "normal" class and call it in the main-method
everything works fine. What am I doing wrong?

Regards,
Anne





RE: save form-data in xml-file

2005-09-27 Thread Robyne Vaughn
I was afraid you'd want to know that - ha!   I'll have to go back and
try to find it.  If I remember correctly, there was a choice of either
way.  I could put it in the server.xml or in the code as a parameter to
the jdbc driver spec.
Robyne

Robyne K. Vaughn

 



-Original Message-
From: Anne Milbert [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, September 27, 2005 10:38 AM
To: Tomcat Users List
Subject: AW: save form-data in xml-file


Hi Robyne,

Thanks for your reply. This seems to be the problem. But can you tell me
if I have to put password and userid in the source code of the servlet
or in the web.xml?

Regards,
Anne

-Original Message-
From: Robyne Vaughn [mailto:[EMAIL PROTECTED]
Sent: Tuesday, 27 September 2005 17:51
To: Tomcat Users List
Subject: RE: save form-data in xml-file


not necessarily a tomcat question, but once-upon-a-time I had a similar
situation accessing JDBC data.  As long as I ran my app directly, I
could do so, but once embedded in servlet it would not.  It turned out
that it was an authorization problem.  While running the app directly, I
was logged in and had authorization, from the servlet, I had not
provided any password or signon.  I had to put a user-id and password
into my servlet-application to gain access to the data.

Robyne K. Vaughn





-Original Message-
From: Anne Milbert [mailto:[EMAIL PROTECTED]
Sent: Tuesday, September 27, 2005 9:44 AM
To: tomcat-user@jakarta.apache.org
Subject: save form-data in xml-file


Hi,

I got a problem in saving the data submitted by a form in a xml-file. I
wrote a servlet which uses a method createXML() to put the form-data
into a xml-file. The problem is: I can't run this method in the servlet.
But if I put it in a "normal" class and call it in the main-method
everything works fine. What am I doing wrong?

Regards,
Anne

