Thanks for responding, I have pasted two queries below and the later one
contains an additional VirtualHost directive, it been appended on a running
server on its own. I am not sure how this has happened and after that msh
application starts generating errors.
Regards
-Original
Hi folks,
I'm running Hudson in Tomcat 6.0.29 on Debian/Squeeze/amd64 with
i.ga...@pheme /opt/tomcat6 % java -version
java version 1.6.0_18
OpenJDK Runtime Environment (IcedTea6 1.8) (6b18-1.8-1)
OpenJDK 64-Bit Server VM (build 14.0-b16, mixed mode)
I'm starting the server with:
it means the authentication provider does not support the authentication
algorithm you selected
list out the contents of your keystore
http://download-llnw.oracle.com/javase/1.4.2/docs/tooldocs/windows/keytool.html
you may be better off creating new keys and be sure you identify only the
- Martin Gainty mgai...@hotmail.com wrote:
it means the authentication provider does not support the
authentication algorithm you selected
I didn't select a protocol (there is no protocol=foo setting the Realm)
list out the contents of your keystore
I'm not using a keystore. I just
Hi Igor,
On 15.08.2010 16:14, Igor Galić wrote:
Hi folks,
I'm running Hudson in Tomcat 6.0.29 on Debian/Squeeze/amd64 with
i.ga...@pheme /opt/tomcat6 % java -version
java version 1.6.0_18
OpenJDK Runtime Environment (IcedTea6 1.8) (6b18-1.8-1)
OpenJDK 64-Bit Server VM (build 14.0-b16, mixed
From: Igor Galić [mailto:i.ga...@brainsware.org]
Subject: Re: JNDI: LDAPv3 with StartTLS
I would still like to believe that this is a simple configuration
error from my side.
If Rainer's suggestion doesn't work, can you try this with a JVM downloaded
from java.sun.com? I've wondering if
- Rainer Jung rainer.j...@kippdata.de wrote:
snip
Never used it, but wouldn't you configure ldaps:// URLs instead of
ldap://; URLs? And maybe also using Port 636 instead of 389 (or
removing the port to use it as the default port).
No idea about SASL though.
StartTLS works over the
This is getting out of hand...
i.ga...@pheme /opt/tomcat6 % sudo netstat -nalpt | grep -w LISTEN|grep 80
tcp0 0 0.0.0.0:80880.0.0.0:* LISTEN
30503/traffic_manag
tcp0 0 0.0.0.0:80910.0.0.0:* LISTEN
Carlton Whitmore wrote:
We're running Windows 2008 R2, Tomcat 6, MS SQL 2005, JDK 6 update 20
and authenticating using AD from Windows 2003 R2 server.
The application we're using causes intermittent single sign-on errrors.
We tried to upgrade to Tomcat 7 and the SSO errors went away, but
Am Sonntag, den 15.08.2010, 14:14 + schrieb Igor Galić:
Hi folks,
I'm running Hudson in Tomcat 6.0.29 on Debian/Squeeze/amd64 with
i.ga...@pheme /opt/tomcat6 % java -version
java version 1.6.0_18
OpenJDK Runtime Environment (IcedTea6 1.8) (6b18-1.8-1)
OpenJDK 64-Bit Server VM (build
- Felix Schumacher felix.schumac...@internetallee.de wrote:
/snip
I've traced the operation with wireshark only to find it's not even
trying to do any kind of SASL negotiation.
That seems weird, since:
Am Sonntag, den 15.08.2010, 17:53 + schrieb Igor Galić:
- Felix Schumacher felix.schumac...@internetallee.de wrote:
/snip
I've traced the operation with wireshark only to find it's not even
trying to do any kind of SASL negotiation.
That seems weird, since:
A couple of things come to mind:
Could this be a remote firewall issue? If you have an LDAP client that can go
against your server, that would answer that question.
I did a quick search, and there are a lot of messages concerning Debian and
java.net.SocketException: Network is unreachable
- Mark Eggers its_toas...@yahoo.com wrote:
A couple of things come to mind:
Could this be a remote firewall issue? If you have an LDAP client that
can go
against your server, that would answer that question.
I did a quick search, and there are a lot of messages concerning
Debian
If you are feeling lucky and are willing to compile tomcat yourself,
you
can try the attached diff. I haven't tested it, since I don't have an
ldap server around at the moment.
You have to extend the realm configuration with
Realm ...
startTLS=true
... /
Hi Felix,
thanks for
Reading your original request, you're using an external certificate to go
against your LDAP server, right?
If so, you might try using Felix's code, and then adding
authentication=EXTERNAL to the Realm configuration.
Your JNDIRealm configuration would then end up looking like:
Realm
A lot of mucking around, a weekend, 3 beers, and a little sleep latter I
finally answered my own question. So for posterities sake:
My problem was that I started tomcat as a daemon and had assumed that
catalina.sh was being executed by JSVC (expecting those environment
variables to be used), I
Ok, my patch will not work, since new InitialDirContext(env) will not
create a LdapContext, but a DirContext. You could try to change new
InitialDirContext(env) into InitalLdapContext(env, null) as used in the
sun startssl example.
I will test it tomorrow.
But it may be easier to allow ssl with
- Mark Eggers its_toas...@yahoo.com wrote:
Reading your original request, you're using an external certificate to
go
against your LDAP server, right?
If so, you might try using Felix's code, and then adding
authentication=EXTERNAL to the Realm configuration.
Your JNDIRealm
- Felix Schumacher felix.schumac...@internetallee.de wrote:
Ok, my patch will not work, since new InitialDirContext(env) will not
create a LdapContext, but a DirContext. You could try to change new
InitialDirContext(env) into InitalLdapContext(env, null) as used in
the
sun startssl
I forgot to actually attach the pcap now, didn't i?
So long,
i
--
Igor Galić
Tel: +43 (0) 664 886 22 883
Mail: i.ga...@brainsware.org
URL: http://brainsware.org/
tomcat.jndi.ldap.cap
Description: application/cap
-
To
On 15/08/2010 21:58, Felix Schumacher wrote:
Ok, my patch will not work, since new InitialDirContext(env) will not
create a LdapContext, but a DirContext. You could try to change new
InitialDirContext(env) into InitalLdapContext(env, null) as used in the
sun startssl example.
I will test it
On 15/08/2010 07:53, Honey Bajaj wrote:
Thanks for responding, I have pasted two queries below and the later one
contains an additional VirtualHost directive, it been appended on a running
server on its own. I am not sure how this has happened and after that msh
application starts
On 13/08/2010 23:24, André Warnier wrote:
Pid wrote:
On 13/08/2010 11:52, Hans Wahn wrote:
2010/08/12 20:20:17:796 CEST [DEBUG] wire - HTTP/1.1 100
Continue[EOL]
2010/08/12 20:20:17:796 CEST [DEBUG] wire - [EOL]
2010/08/12 20:20:17:796 CEST [DEBUG] headers - HTTP/1.1 100 Continue
On 15/08/2010 17:45, André Warnier wrote:
Carlton Whitmore wrote:
We're running Windows 2008 R2, Tomcat 6, MS SQL 2005, JDK 6 update 20
and authenticating using AD from Windows 2003 R2 server.
The application we're using causes intermittent single sign-on errrors.
We tried to upgrade to
- Pid p...@pidster.com wrote:
On 15/08/2010 21:58, Felix Schumacher wrote:
Ok, my patch will not work, since new InitialDirContext(env) will
not
create a LdapContext, but a DirContext. You could try to change new
InitialDirContext(env) into InitalLdapContext(env, null) as used in
Andre,
The only reason I think it's Tomcat because when we change the Tomcat version
it seems to affect the speed of the application (Tomcat 7 runs very slow, but
no SSO errors; Tomcat 6 runs fast, but SSO errors). We're using Active
Directory to authenticate. I guess it could be SSL as well.
From: Carlton Whitmore [mailto:cwhitm...@advocacyinc.org]
Subject: RE: Single Sign-On problems
Tomcat 7 runs very slow, but no SSO errors; Tomcat 6 runs
fast, but SSO errors
Have you looked to see what's going on during the slowdown? Is there high CPU
usage, or perhaps swapping?
Is there
Charles,
The server is running as a VM on Hyper-V R2. I've checked the CPU and disk
access during these times and everything looks fine. We're using internal DNS
servers so I don't think lookup resoltuion is an issue.
Carlton Whitmore
Systems Analyst
Advocacy, Inc.
http://www.advocacyinc.org
From: Carlton Whitmore [mailto:cwhitm...@advocacyinc.org]
Subject: RE: Single Sign-On problems
The server is running as a VM on Hyper-V R2. I've checked the CPU and
disk access during these times and everything looks fine. We're using
internal DNS servers so I don't think lookup resoltuion
30 matches
Mail list logo