ad!!!

2001-07-11 Thread crabcorn 

 
 

__
Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail
http://personal.mail.yahoo.com/

Re: ad!!!

2001-07-14 Thread Adam Fowler 

??? yes???

On Wednesday 11 July 2001 21:36, you wrote:
> __
> Do You Yahoo!?
> Get personalized email addresses from Yahoo! Mail
> http://personal.mail.yahoo.com/

Tomcat Authenticates to AD. How do I access AD variables?

2003-11-11 Thread Robyne Vaughn 
Hi,
Thanks to Dean Searle my Tomcat now Authenticates to Active Directory
with this in my server.xml
(of course, the names have been changed to protect the innocent)
 
ldap://99.999.9.9:389 <ldap://99.999.9.9:389> "
 
connectionName="CN=connectionUID,OU=connectionUIDou,dc=mycompany,dc=isd"
  connectionPassword="connectionUIDpassword"
  referrals="follow"
  userBase="dc=mycompany,dc=isd"
 
  userSearch="(&(sAMAccountName={0})(objectClass=user))"
  userSubtree="true"
  roleBase="dc=mycompany, dc=isd"
  roleSearch="(uniqueMember={0})"
  rolename="cn"
 />
 
My web-app/web.xml fires off a form for authentication when my web-app
opening .jsp is requested.  After being authenticated the opening .jsp
fires off.
 
In my opening .jsp, how can I get user data from Active Directory?
 
For instance, how would I retrieve their Surname, firstname, and e-mail
address from AD using my .jsp after Tomcat has authenticated them?
 
getRemoteUser gives me their login id, but I don't know how to get to
all their data since I don't know the path along which Tomcat found them
and authenticated them.
 
 
thanks,
Robyne Vaughn

Re: Tomcat Authenticates to AD. How do I access AD variables?

2003-11-11 Thread Tim Funk 
All their data? Do you mean the attributes of the user as stored in Active 
Directory? If that is the case - tomcat (or any servlet container) doesn't 
provide this functionality. But you can "easily" look it up via some JNDI 
calls since you know the name of the user.

-Tim

Robyne Vaughn wrote:

My web-app/web.xml fires off a form for authentication when my web-app
opening .jsp is requested.  After being authenticated the opening .jsp
fires off.
 
In my opening .jsp, how can I get user data from Active Directory?
 
For instance, how would I retrieve their Surname, firstname, and e-mail
address from AD using my .jsp after Tomcat has authenticated them?
 
getRemoteUser gives me their login id, but I don't know how to get to
all their data since I don't know the path along which Tomcat found them
and authenticated them.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: Tomcat Authenticates to AD. How do I access AD variables?

2003-11-12 Thread Robyne Vaughn 
Tim, 
Thanks for your reply.I do mean attributes.
I don't know much about JNDI. (excuse me if I don't know the correct
wording).

  I do have one little JNDI program which I copied and altered. It hits
active directory with an authorized connection name and OU and etc.  All
of which are hard-coded.  Then, I change context to another hardcoded
name and OU and can get certain attributes with that info. If I don't
specify an OU, I don't find what I'm looking for. The problem is that
when a user logs in, I don't know what their OU is.  Tomcat handles that
for me.  I don't know how to plug in the correct "path" in to a user's
data.  All I know is getRemoteUser and that 1 little piece of info isn't
enough to find a user's attributes with.  When I look in my logs, I can
see what DN tomcat followed to authenticate my user.  That hints to me
that I ought to be able to extract the "path" (DN?) to use.

All I know about JNDI, I've found out in the last 2 weeks.  If you have
some coding examples you would care to share.  I would greatly
appreciate it.  (I have seen the sun tutorial - it's incomplete where AD
is concerned)

Much appreciation
Robyne



-Original Message-
From: Tim Funk [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 11, 2003 6:51 PM
To: Tomcat Users List
Subject: Re: Tomcat Authenticates to AD. How do I access AD variables?


All their data? Do you mean the attributes of the user as stored in
Active 
Directory? If that is the case - tomcat (or any servlet container)
doesn't 
provide this functionality. But you can "easily" look it up via some
JNDI 
calls since you know the name of the user.

-Tim

Robyne Vaughn wrote:

> My web-app/web.xml fires off a form for authentication when my web-app

> opening .jsp is requested.  After being authenticated the opening .jsp

> fires off.
>  
> In my opening .jsp, how can I get user data from Active Directory?
>  
> For instance, how would I retrieve their Surname, firstname, and 
> e-mail address from AD using my .jsp after Tomcat has authenticated 
> them?
>  
> getRemoteUser gives me their login id, but I don't know how to get to 
> all their data since I don't know the path along which Tomcat found 
> them and authenticated them.



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Tomcat 4.1 and AD

2002-05-31 Thread Jacob Lund 

Could someone tell me if TC 4.1 is going to have a realm connector to
Microsoft Active Directory LDAP interface?

Thanks
/Jacob


--
To unsubscribe, e-mail:   
For additional commands, e-mail:

URL rewriting ad nauseum

2001-06-26 Thread Ros 

My site *has* to track sessions whilst allowing users to disable cookies.

In development so far i've been using tomcat with apache (using mod_jk). 
This isn't going to work for the real thing (bug #1388)  As far as i can
see and if i understand right, i have 3 options:

1) Use Tomcat standalone
2) Use mod_jserv
3) Use something else other than Tomcat

None of these appeal particularly, but in the meantime, I have to do
something... so:

Firstly, does anyone know of the approximate comparative performance
difference between tomcat standalone and tomcat/apache with mod_jserv? 
(given that most of my pages are jsp pages...)  Is there a huge
difference?

Secondly, does anyone have any recommendations for (my least favourite)
option three? (sorry)

With many thanks for any advice,
Rosario



Do You Yahoo!?
Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk
or your free @yahoo.ie address at http://mail.yahoo.ie

[OT] Re: Tomcat Authenticates to AD. How do I access AD variables?

2003-11-12 Thread Tim Funk 
From the user id that tomcat returns, you'll need to determine the DN. In 
which you can do (I think) this way:

1) When constructing your context, use "follow", which makes it nice when you 
are using a forrest of domains (if thats the right term) for example:
   env.put(Context.REFERRAL, "follow");
2) Get the DN from the userid. Here I assume sAMAccountName is used for userid.
  SearchControls constraints = new SearchControls();
  constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
  NamingEnumeration results =
 ctx.search(organization_,
"(&(sAMAccountName=" + userId + "))",
constraints);
3) You should now how have the DN so you may do subsequent attribute lookups. 
Through normal JNDI calls. (I think)

I don't do much JNDI stuff, so I can't vouch that the above is in any manner 
correct. (But I hope it is)

-Tim

Robyne Vaughn wrote:

Tim, 
Thanks for your reply.I do mean attributes.
I don't know much about JNDI. (excuse me if I don't know the correct
wording).

  I do have one little JNDI program which I copied and altered. It hits
active directory with an authorized connection name and OU and etc.  All
of which are hard-coded.  Then, I change context to another hardcoded
name and OU and can get certain attributes with that info. If I don't
specify an OU, I don't find what I'm looking for. The problem is that
when a user logs in, I don't know what their OU is.  Tomcat handles that
for me.  I don't know how to plug in the correct "path" in to a user's
data.  All I know is getRemoteUser and that 1 little piece of info isn't
enough to find a user's attributes with.  When I look in my logs, I can
see what DN tomcat followed to authenticate my user.  That hints to me
that I ought to be able to extract the "path" (DN?) to use.
All I know about JNDI, I've found out in the last 2 weeks.  If you have
some coding examples you would care to share.  I would greatly
appreciate it.  (I have seen the sun tutorial - it's incomplete where AD
is concerned)


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [OT] Re: Tomcat Authenticates to AD. How do I access AD variables?

2003-11-12 Thread Robyne Vaughn 
Thanks, Tim.
That's a lot of help.
Robyne

-Original Message-
From: Tim Funk [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, November 12, 2003 8:04 AM
To: Tomcat Users List
Subject: [OT] Re: Tomcat Authenticates to AD. How do I access AD
variables?


 From the user id that tomcat returns, you'll need to determine the DN.
In 
which you can do (I think) this way:

1) When constructing your context, use "follow", which makes it nice
when you 
are using a forrest of domains (if thats the right term) for example:
env.put(Context.REFERRAL, "follow");
2) Get the DN from the userid. Here I assume sAMAccountName is used for
userid.
   SearchControls constraints = new SearchControls();
   constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
   NamingEnumeration results =
  ctx.search(organization_,
 "(&(sAMAccountName=" + userId + "))",
 constraints);
3) You should now how have the DN so you may do subsequent attribute
lookups. 
Through normal JNDI calls. (I think)

I don't do much JNDI stuff, so I can't vouch that the above is in any
manner 
correct. (But I hope it is)

-Tim

Robyne Vaughn wrote:

> Tim, 
> Thanks for your reply.I do mean attributes.
> I don't know much about JNDI. (excuse me if I don't know the correct 
> wording).
> 
>   I do have one little JNDI program which I copied and altered. It 
> hits active directory with an authorized connection name and OU and 
> etc.  All of which are hard-coded.  Then, I change context to another 
> hardcoded name and OU and can get certain attributes with that info. 
> If I don't specify an OU, I don't find what I'm looking for. The 
> problem is that when a user logs in, I don't know what their OU is.  
> Tomcat handles that for me.  I don't know how to plug in the correct 
> "path" in to a user's data.  All I know is getRemoteUser and that 1 
> little piece of info isn't enough to find a user's attributes with.  
> When I look in my logs, I can see what DN tomcat followed to 
> authenticate my user.  That hints to me that I ought to be able to 
> extract the "path" (DN?) to use.
> 
> All I know about JNDI, I've found out in the last 2 weeks.  If you 
> have some coding examples you would care to share.  I would greatly 
> appreciate it.  (I have seen the sun tutorial - it's incomplete where 
> AD is concerned)



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

JNDI realm to access AD

2003-08-28 Thread Robyne Vaughn 
Hi,
I'm new to Tomcat and ADs. I'm trying to configure a JNDI realm (Tomcat
4.1.17 on IBM AS/400) to authenticate to Active Directory(microsoft on a
server). I've found a couple of brief examples to follow, but don't
understand the nomenclature well enough to make mine work on our
installation. I saw on one webpage that I may need an LDAP driver.
However, I thought that was what ADserver accomplished.(?) I followed
this example: http://www.java-internals.com/code/jndi_realm.html
<http://www.java-internals.com/code/jndi_realm.html>  

This is my code (with altered user-id, password, and ip address): 

ldap://19.999.9.9:389"; 
userBase="CN=Users,dc=Lubbock,dc=isd"
userSearch="(userPrincipalName={0})"
userRoleName="member"
roleBase="CN=Users,dc=Lubbock,dc=isd"
roleName="cn"
roleSearch="(member={0})"
connectionName="CN=TomcatUserId,DC=lubbock,DC=isd" 
connectionPassword="TomcatPassword"
roleSubtree="true"
userSubtree="true"/> 

This is the error I get:
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308:
LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data 525,
v893 

  

I can't figure out if we have a "Users" item.  The guys in charge of our
ADs can't tell me its properties.  It's new to them.  They showed me a
script they used to populate it.

under the column labled objectCategory, the entry is:
CN=Person,CN=Schema,CN=Configuration,DC=lubbock,DC=isd 

under the column labled objectClass the entry is:  user   

The other column headings are: 

DNdistinguished name   name   cn   descrioption   displayNmae   mail
givenName   sAMAccountName   sn   userAccountControl   userPrincipalName
homeDirectory   homeDrive 

Under the column labled DN and under the column labled distinguishedName
the entry is the same: 

CN=John Doe, OU=CO,DC=lubbock,DC=isd 

The AD support guys told me that OU=CO means Organizational Unit =
Central office.  I want to be able to search across all OU's. 

Any help or suggestions would be greatly appreciated. 

Thanks,

 
Robyne K. Vaughn
Programmer/Analyst
Lubbock ISD
1628 19th St
Lubbock, TX 79401
806-766-1119

Re: URL rewriting ad nauseum

2001-06-26 Thread Tim O'Neil 

Session tracking without cookies is a huge engineering mess.
I don't quite understand what your choice of server platform
has to do with it. Have you taken a look at the HttpSessionObject?
Is that what you mean with the bug you mention? (I've used cookies
solely, I don't know much about HttpSession...)

At 08:55 AM 6/26/2001, you wrote:
>My site *has* to track sessions whilst allowing users to disable cookies.
>
>In development so far i've been using tomcat with apache (using mod_jk).
>This isn't going to work for the real thing (bug #1388)  As far as i can
>see and if i understand right, i have 3 options:
>
>1) Use Tomcat standalone
>2) Use mod_jserv
>3) Use something else other than Tomcat
>
>None of these appeal particularly, but in the meantime, I have to do
>something... so:
>
>Firstly, does anyone know of the approximate comparative performance
>difference between tomcat standalone and tomcat/apache with mod_jserv?
>(given that most of my pages are jsp pages...)  Is there a huge
>difference?
>
>Secondly, does anyone have any recommendations for (my least favourite)
>option three? (sorry)
>
>With many thanks for any advice,
>Rosario
>
>
>
>Do You Yahoo!?
>Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk
>or your free @yahoo.ie address at http://mail.yahoo.ie

Re: URL rewriting ad nauseum

2001-06-26 Thread Ellis Teer 

What about using mod_session?

Use it to turn off cookie tracking and then insert session id's into the
resource URL/list of environment variables?  You could then log the session id
out of the environment variables or read it directly as a GET request parameter
in Tomcat depending on how you are using/processing the session information.

If all or nearly all of your pages are .jsp AND you have very few static
resources to deliver like graphics you may be better off using just Tomcat and
skip the bridge from Apache to Tomcat.

Note, I know of no way except writing a custom interceptor to session track
static (non jsp/servlet) resources that tomcat delivers.

-Ellis Teer

On Tue, 26 Jun 2001 16:55:09 +0100 (BST), Ros wrote:
>My site *has* to track sessions whilst allowing users to disable
>cookies.
>
>In development so far i've been using tomcat with apache (using
>mod_jk).
>This isn't going to work for the real thing (bug #1388)  As far as i
>can
>see and if i understand right, i have 3 options:
>
>1) Use Tomcat standalone
>2) Use mod_jserv
>3) Use something else other than Tomcat
>
>None of these appeal particularly, but in the meantime, I have to do
>something... so:
>
>Firstly, does anyone know of the approximate comparative performance
>difference between tomcat standalone and tomcat/apache with
>mod_jserv?
>(given that most of my pages are jsp pages...)  Is there a huge
>difference?
>
>Secondly, does anyone have any recommendations for (my least
>favourite)
>option three? (sorry)
>
>With many thanks for any advice,
>Rosario
>
>
>
>Do You Yahoo!?
>Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk
>or your free @yahoo.ie address at http://mail.yahoo.ie



__
Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail
http://personal.mail.yahoo.com/

Roles-problem with JNDIRealm and AD

2004-10-06 Thread Eividn Trondsen 
Hi List

I'm trying to connect Tomcat/5.0.28 to AD on Windows 2003. My problem is that
JNDIRealm fails to get role information, after successfully binding with the
users DN.

My temporary conclusion is that JNDIRealm fails to use the bound connection with
AD when performing the search for the role object. I have verified that the user
object in question can access the group object by using another LDAP client and
binding as that user.

Is my conclusion somewhere close to the mark? If it is, how can I make JNDIRealm
behave; if not, any other ideas?

Here is the relevant section from server.xml:

 ldap://dtoslhk001";
 debug="99"
  userBase="cn=Users,dc=netlinetest,dc=kol,dc=net"
   userPattern="cn={0},cn=Users,dc=netlinetest,dc=kol,dc=net"
  roleBase="cn=Users,dc=netlinetest,dc=kol,dc=net"
roleSearch="(member={0})"
  roleName="cn" />

And here is the log output I get when I try to authenticate:

JNDIRealm[Catalina]: lookupUser(Per I. Lot)
JNDIRealm[Catalina]:   dn=cn=Per I. Lot,cn=Users,dc=netlinetest,dc=kol,dc=net
JNDIRealm[Catalina]:   validating credentials by binding as the user
JNDIRealm[Catalina]:   binding as cn=Per I.
Lot,cn=Users,dc=netlinetest,dc=kol,dc=net
JNDIRealm[Catalina]: Username Per I. Lot successfully authenticated
JNDIRealm[Catalina]:   getRoles(cn=Per I. Lot,cn=Users,dc=netlinetest,dc=kol,dc=net)
JNDIRealm[Catalina]:   Searching role base
'cn=Users,dc=netlinetest,dc=kol,dc=net' for attribute 'cn'
JNDIRealm[Catalina]:   With filter expression '(member=cn=Per I.
Lot,cn=Users,dc=netlinetest,dc=kol,dc=net)'
JNDIRealm[Catalina]: Exception performing authentication
javax.naming.NamingException: [LDAP: error code 1 - : LdapErr:
DSID-0C0905FF, comment: In order to perform this operation a successful bind
must be completed on the connection., data 0, vece]; remaining name
'cn=Users,dc=netlinetest,dc=kol,dc=net'

Hope someone can help. Best regards!

-- 
Eivind Trondsen| http://www.linuxlabs.no 
LinuxLabs AS   | eivind.trondsen at linuxlabs.no  

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

AD authentication if exact jndi context not known

2003-08-14 Thread carel-j rischmuller 
Good day.

I've succeeded in setting  up the JNDIRealm to connect and
authenticate to AD (Active Directory) if the exact context (tree path)
to the user element is known. I just set the userBase to that exact
context. E.g. userBase="ou=Office1,dc=Company,dc=net"

However, I'm having trouble setting up JNDIRealm to connect to AD *IF*
you don't know the exact context to a user element, but need to search
through a couple of subtrees to locate it.

Thus, the system need to authenticate users that could be under any
subtree laying below "dc=Company,dc=net"

I thought that I'd just specify the userBase in the JNDIRealm as:
userBase="dc=Company,dc=net" but this generate the exception:
javax.naming.PartialResultException: Unprocessed Continuation
Reference(s); remaining name 'dc=Company,dc=net'

It seems, the way to do multiple subtree searches in JNDI is by means
of "Referrals".
(http://java.sun.com/products/jndi/tutorial/ldap/referral/jndi.html)
but this does not work for AD. In AD you use a "Global Catalog" to do
subtree (forest) searches.

Now the question: Does anybody know if you can do "Global Catalog"
searches via JNDI? And if not, is there another way to solve this
problem?

Thanks in advance
carel-j


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: AD authentication if exact jndi context not known

2003-08-18 Thread carel-j rischmuller 
Hi

I've managed to solve this problem by adding the attribute:
referrals="follow" to the  element in the server.xml file.

Hope this will help somebody else one day.

Regards
Carel-J

On Tue, 12 Aug 2003 21:18:59 +0200 carel-j rischmuller
([EMAIL PROTECTED]) wrote:

>Good day.
>
>I've succeeded in setting  up the JNDIRealm to connect and
>authenticate to AD (Active Directory) if the exact context (tree
path)
>to the user element is known. I just set the userBase to that exact
>context. E.g. userBase="ou=Office1,dc=Company,dc=net"
>
>However, I'm having trouble setting up JNDIRealm to connect to AD
*IF*
>you don't know the exact context to a user element, but need to
search
>through a couple of subtrees to locate it.
>
>Thus, the system need to authenticate users that could be under any
>subtree laying below "dc=Company,dc=net"
>
>I thought that I'd just specify the userBase in the JNDIRealm as:
>userBase="dc=Company,dc=net" but this generate the exception:
>javax.naming.PartialResultException: Unprocessed Continuation
>Reference(s); remaining name 'dc=Company,dc=net'
>
>It seems, the way to do multiple subtree searches in JNDI is by means
>of "Referrals".
>(http://java.sun.com/products/jndi/tutorial/ldap/referral/jndi.html)
>but this does not work for AD. In AD you use a "Global Catalog" to do
>subtree (forest) searches.
>
>Now the question: Does anybody know if you can do "Global Catalog"
>searches via JNDI? And if not, is there another way to solve this
>problem?
>
>Thanks in advance
>carel-j
>
>
>-
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, e-mail: [EMAIL PROTECTED]
>



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Tomcat / AD / Queries from Username instead of Full Name

2003-10-22 Thread Matt Fury 
Has anyone run into an issue with querying LDAP/AD and
getting the username?

It seems as though because our AD was set up with
Organizational Units there is no way to get the
username from a query. It seems that the CN=Full Name
instead of CN=Username. Has anyone worked around this
or no of a fix?

Thanks.

-Matt

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: AD authentication if exact jndi context not known

2004-03-10 Thread Martin Rostan 
Hi, I'm trying to use referrals="follow" in the JNDIRealm in order to 
make it work against Active Directory, but it's not working, I' 
receiving the exception below (I'm supposing the AD process is broken).
Also I've found that the JNDI tutorial says that referrals="follow" 
doesn't work for AD: 
http://java.sun.com/products/jndi/tutorial/ldap/referral/jndi.html

Somebody knows if referrals="follow" is working with Active Directory? 
if somebody has it working, please send me the version of AD you're using.

Thanks in advance

P.S. Sorry if this message arrives duplicated, I sent it yesterday but I 
don't see it on the mailing list.

2004-03-03 09:01:31 JNDIRealm[Standalone]: Exception performing 
authentication
javax.naming.PartialResultException.  Root exception is 
javax.naming.CommunicationException: neptuno:389.  Root exception is 
java.net.ConnectException: Connection timed out: connect
 at java.net.PlainSocketImpl.socketConnect(Native Method)
 at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:305)
 at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:171)
 at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:158)
 at java.net.Socket.connect(Socket.java:426)
 at java.net.Socket.connect(Socket.java:376)
 at java.net.Socket.(Socket.java:291)
 at java.net.Socket.(Socket.java:119)
 at com.sun.jndi.ldap.Connection.createSocket(Connection.java:346)
 at com.sun.jndi.ldap.Connection.(Connection.java:181)
 at com.sun.jndi.ldap.LdapClient.(LdapClient.java:119)
 at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1668)
 at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2528)
 at com.sun.jndi.ldap.LdapCtx.(LdapCtx.java:275)
 at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:173)
 at 
com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:134) 

 at 
com.sun.jndi.url.ldap.ldapURLContextFactory.getObjectInstance(ldapURLContextFactory.java:35) 

 at javax.naming.spi.NamingManager.getURLObject(NamingManager.java:579)
 at javax.naming.spi.NamingManager.processURL(NamingManager.java:361)
 at javax.naming.spi.NamingManager.processURLAddrs(NamingManager.java:341)
 at 
javax.naming.spi.NamingManager.getObjectInstance(NamingManager.java:313)
 at 
com.sun.jndi.ldap.LdapReferralContext.(LdapReferralContext.java:93)
 at 
com.sun.jndi.ldap.LdapReferralException.getReferralContext(LdapReferralException.java:132) 

 at 
com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreReferrals(LdapNamingEnumeration.java:334) 

 at 
com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImpl(LdapNamingEnumeration.java:207) 

 at 
com.sun.jndi.ldap.LdapNamingEnumeration.hasMore(LdapNamingEnumeration.java:170) 

 at 
org.apache.catalina.realm.JNDIRealm.getUserBySearch(JNDIRealm.java:1036)



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]