Re: JNDI: LDAPv3 with StartTLS

2010-08-19 Thread Igor Galić
- "Rainer Jung" wrote: > On 19.08.2010 18:55, Igor Galić wrote: > >> Use it as you like. As Rainer has hinted, the apache wiki would be > a > >> good place for documentation :) > > > > Excellent. Thank you very much, will do that. > > URL: http://wiki.apache.org/tomcat/ :) Done: http://wik

Re: JNDI: LDAPv3 with StartTLS

2010-08-19 Thread Rainer Jung
On 19.08.2010 18:55, Igor Galić wrote: Use it as you like. As Rainer has hinted, the apache wiki would be a good place for documentation :) Excellent. Thank you very much, will do that. URL: http://wiki.apache.org/tomcat/ :) ---

Re: JNDI: LDAPv3 with StartTLS

2010-08-19 Thread Igor Galić
> Use it as you like. As Rainer has hinted, the apache wiki would be a > good place for documentation :) Excellent. Thank you very much, will do that. i - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additiona

Re: JNDI: LDAPv3 with StartTLS

2010-08-19 Thread Felix Schumacher
On Wednesday, 18.08.2010, 20:45 +, Igor Galić wrote: > > org.apache.catalina.realm.JNDIRealm.getUserByPattern(JNDIRealm.java:1269) > > This means that you specified userPattern='...' in your realm > > configuration. And since your pattern looks like > > '(uid={0})(...)' it is probably

Re: JNDI: LDAPv3 with StartTLS

2010-08-19 Thread Felix Schumacher
On Thursday, 19.08.2010, 09:36 +0200, Rainer Jung wrote: > On 18.08.2010 22:45, Igor Galić wrote: > > > >> org.apache.catalina.realm.JNDIRealm.getUserByPattern(JNDIRealm.java:1269) > >> This means that you specified userPattern='...' in your realm > >> configuration. And since your patt

Re: JNDI: LDAPv3 with StartTLS

2010-08-19 Thread Pid
On 19/08/2010 08:36, Rainer Jung wrote: > On 18.08.2010 22:45, Igor Galić wrote: >> > Felix: would you like to contribute your code? I didn't read it in > detail but I guess it is very generic and would be a nice addon to the > standard JNDIRealm? +1 LDAP/JNDI seems tricky for a lot of people, t

Re: JNDI: LDAPv3 with StartTLS

2010-08-19 Thread Rainer Jung
On 18.08.2010 22:45, Igor Galić wrote: org.apache.catalina.realm.JNDIRealm.getUserByPattern(JNDIRealm.java:1269) This means that you specified userPattern='...' in your realm configuration. And since your pattern looks like '(uid={0})(...)' it is probably wrong. You have specified userSear

RE: JNDI: LDAPv3 with StartTLS

2010-08-18 Thread Muggeridge, Matt
>Great! That fixed it, and it now works! Thank you very much, Felix. > >I would very much like to document this. I am thus asking you for permission >to use, host, reference or whatever is your liking, the code you have >provided. Hi Igor, I've struggled with this too. I'm not sure if I'm having

Re: JNDI: LDAPv3 with StartTLS

2010-08-18 Thread Igor Galić
> org.apache.catalina.realm.JNDIRealm.getUserByPattern(JNDIRealm.java:1269) > This means that you specified userPattern='...' in your realm > configuration. And since your pattern looks like > '(uid={0})(...)' it is probably wrong. You have specified > userSearch='uid={0}', too. So I believe

Re: JNDI: LDAPv3 with StartTLS

2010-08-18 Thread Felix Schumacher
On Tue, 17 Aug 2010 21:30:56 + (UTC), Igor Galić wrote: >> That looks right. I believe I have found one issue with my code. It >> will >> get a InitialDirContext with your admin user and password, before it >> is >> negotiating TLS. I have attached another ContextFactory, which will >> remove

Re: JNDI: LDAPv3 with StartTLS

2010-08-17 Thread Igor Galić
> That looks right. I believe I have found one issue with my code. It > will > get a InitialDirContext with your admin user and password, before it > is > negotiating TLS. I have attached another ContextFactory, which will > remove admin user, password and authentication method prior to TLS > neg

Re: JNDI: LDAPv3 with StartTLS

2010-08-17 Thread Felix Schumacher
On Tuesday, 17.08.2010, 14:31 +, Igor Galić wrote: > > Either use the LdapTlsContextFactory, or the patched tomcat. Not both. > > I > > would advise to use the factory, since you can use a supported > > tomcat. > > ACK. Done that. In a vanilla Tomcat, I've put your LdapTlsContextFactory

Re: JNDI: LDAPv3 with StartTLS

2010-08-17 Thread Igor Galić
> Either use the LdapTlsContextFactory, or the patched tomcat. Not both. > I > would advise to use the factory, since you can use a supported > tomcat. ACK. Done that. In a vanilla Tomcat, I've put your LdapTlsContextFactory in jar in lib/ with a config such as this: ldap://mail.

Re: JNDI: LDAPv3 with StartTLS

2010-08-17 Thread Felix Schumacher
On Mon, 16 Aug 2010 22:39:14 + (UTC), Igor Galić wrote: > - "Felix Schumacher" wrote: > >> On Sun, 15 Aug 2010 21:33:09 + (UTC), Igor Galić >> wrote: >> > - "Felix Schumacher" wrote: >> > >> >> Ok, my patch will not work, since new InitialDirContext(env) will >> not >> >> crea

Re: JNDI: LDAPv3 with StartTLS

2010-08-16 Thread Igor Galić
- "Felix Schumacher" wrote: > On Sun, 15 Aug 2010 21:33:09 + (UTC), Igor Galić > wrote: > > - "Felix Schumacher" wrote: > > > >> Ok, my patch will not work, since new InitialDirContext(env) will > not > >> create a LdapContext, but a DirContext. You could try to change > new > >>

Re: JNDI: LDAPv3 with StartTLS

2010-08-16 Thread Felix Schumacher
On Sun, 15 Aug 2010 21:33:09 + (UTC), Igor Galić wrote: > - "Felix Schumacher" wrote: > >> Ok, my patch will not work, since new InitialDirContext(env) will not >> create a LdapContext, but a DirContext. You could try to change new >> InitialDirContext(env) into InitialLdapContext(env, nu

Re: JNDI: LDAPv3 with StartTLS

2010-08-15 Thread Igor Galić
- "Pid" wrote: > On 15/08/2010 21:58, Felix Schumacher wrote: > > Ok, my patch will not work, since new InitialDirContext(env) will > not > > create a LdapContext, but a DirContext. You could try to change new > > InitialDirContext(env) into InitialLdapContext(env, null) as used in > the > >

Re: JNDI: LDAPv3 with StartTLS

2010-08-15 Thread Pid
On 15/08/2010 21:58, Felix Schumacher wrote: > Ok, my patch will not work, since new InitialDirContext(env) will not > create a LdapContext, but a DirContext. You could try to change new > InitialDirContext(env) into InitialLdapContext(env, null) as used in the > sun startssl example. > > I will te

Re: JNDI: LDAPv3 with StartTLS

2010-08-15 Thread Igor Galić
I forgot to actually attach the pcap now, didn't i? So long, i -- Igor Galić Tel: +43 (0) 664 886 22 883 Mail: i.ga...@brainsware.org URL: http://brainsware.org/ tomcat.jndi.ldap.cap Description: application/cap - To unsubs

Re: JNDI: LDAPv3 with StartTLS

2010-08-15 Thread Igor Galić
- "Felix Schumacher" wrote: > Ok, my patch will not work, since new InitialDirContext(env) will not > create a LdapContext, but a DirContext. You could try to change new > InitialDirContext(env) into InitialLdapContext(env, null) as used in > the > sun startssl example. I applied the suggest

Re: JNDI: LDAPv3 with StartTLS

2010-08-15 Thread Igor Galić
- "Mark Eggers" wrote: > Reading your original request, you're using an external certificate to > go > against your LDAP server, right? > > If so, you might try using Felix's code, and then adding > authentication="EXTERNAL" to the Realm configuration. > > Your JNDIRealm configuration woul

Re: JNDI: LDAPv3 with StartTLS

2010-08-15 Thread Felix Schumacher
Ok, my patch will not work, since new InitialDirContext(env) will not create a LdapContext, but a DirContext. You could try to change new InitialDirContext(env) into InitialLdapContext(env, null) as used in the sun startssl example. I will test it tomorrow. But it may be easier to allow ssl with y

Re: JNDI: LDAPv3 with StartTLS

2010-08-15 Thread Mark Eggers
http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html#Overview (MBeans) http://tomcat.apache.org/tomcat-6.0-doc/mbeans-descriptor-howto.html That way you'll have a generic Tomcat instead of a patched version. . . . just my two cents /mde/ - Original Message From: Igor Galić To: Tomc

Re: JNDI: LDAPv3 with StartTLS

2010-08-15 Thread Igor Galić
> If you are feeling lucky and are willing to compile tomcat yourself, > you > can try the attached diff. I haven't tested it, since I don't have an > ldap server around at the moment. > > You have to extend the realm configuration with > startTLS="true" >... /> Hi Felix, thanks for

Re: JNDI: LDAPv3 with StartTLS

2010-08-15 Thread Igor Galić
e a file called setenv.sh in $CATALINA_HOME/bin and set > it). Thanks, that fixes the Sun SDK issue. > Other than that, I'm just guessing at this point. > > . . . . just my two cents. > > /mde/ > > > - Original Message > From: Igor Galić > To: To

Re: JNDI: LDAPv3 with StartTLS

2010-08-15 Thread Mark Eggers
this point. . . . . just my two cents. /mde/ - Original Message From: Igor Galić To: Tomcat Users List Sent: Sun, August 15, 2010 9:28:31 AM Subject: Re: JNDI: LDAPv3 with StartTLS This is getting out of hand... i.ga...@pheme /opt/tomcat6 % sudo netstat -nalpt | grep -w LISTEN|g

Re: JNDI: LDAPv3 with StartTLS

2010-08-15 Thread Felix Schumacher
On Sunday, 15.08.2010, 17:53 +, Igor Galić wrote: > - "Felix Schumacher" wrote: > > /snip > > > I've traced the operation with wireshark only to find it's not even > > trying to do any kind of SASL negotiation. > > > That seems weird, since: > > > > > http://www.java2s.com/Open-Sour

Re: JNDI: LDAPv3 with StartTLS

2010-08-15 Thread Igor Galić
- "Felix Schumacher" wrote: /snip > > I've traced the operation with wireshark only to find it's not even > trying to do any kind of SASL negotiation. > > That seems weird, since: > > > http://www.java2s.com/Open-Source/Java-Document/6.0-JDK-Modules-com.sun/jndi/com/sun/jndi/ldap/LdapClient.

Re: JNDI: LDAPv3 with StartTLS

2010-08-15 Thread Felix Schumacher
On Sunday, 15.08.2010, 14:14 +, Igor Galić wrote: > Hi folks, > > I'm running Hudson in Tomcat 6.0.29 on Debian/Squeeze/amd64 with > > i.ga...@pheme /opt/tomcat6 % java -version > java version "1.6.0_18" > OpenJDK Runtime Environment (IcedTea6 1.8) (6b18-1.8-1) > OpenJDK 64-Bit Server

Re: JNDI: LDAPv3 with StartTLS

2010-08-15 Thread Igor Galić
This is getting out of hand...
i.ga...@pheme /opt/tomcat6 % sudo netstat -nalpt | grep -w LISTEN|grep 80
tcp 0 0 0.0.0.0:8088 0.0.0.0:* LISTEN 30503/traffic_manag
tcp 0 0 0.0.0.0:8091 0.0.0.0:* LISTEN 30513/tra

Re: JNDI: LDAPv3 with StartTLS

2010-08-15 Thread Igor Galić
- "Rainer Jung" wrote: snip > > Never used it, but wouldn't you configure "ldaps://" URLs instead of > "ldap://" URLs? And maybe also using Port 636 instead of 389 (or > removing the port to use it as the default port). > > No idea about SASL though. StartTLS works over the default por

RE: JNDI: LDAPv3 with StartTLS

2010-08-15 Thread Caldarale, Charles R
> From: Igor Galić [mailto:i.ga...@brainsware.org] > Subject: Re: JNDI: LDAPv3 with StartTLS > > I would still like to believe that this is a simple configuration > error from my side. If Rainer's suggestion doesn't work, can you try this with a JVM downloaded

Re: JNDI: LDAPv3 with StartTLS

2010-08-15 Thread Rainer Jung
Hi Igor, On 15.08.2010 16:14, Igor Galić wrote: Hi folks, I'm running Hudson in Tomcat 6.0.29 on Debian/Squeeze/amd64 with i.ga...@pheme /opt/tomcat6 % java -version java version "1.6.0_18" OpenJDK Runtime Environment (IcedTea6 1.8) (6b18-1.8-1) OpenJDK 64-Bit Server VM (build 14.0-b16, mixed

Re: JNDI: LDAPv3 with StartTLS

2010-08-15 Thread Igor Galić

RE: JNDI: LDAPv3 with StartTLS

2010-08-15 Thread Martin Gainty
re.org > To: users@tomcat.apache.org > Subject: JNDI: LDAPv3 with StartTLS > > > Hi folks, > > I'm running Hudson in Tomcat 6.0.29 on Debian/Squeeze/amd64 with > > i.ga...@pheme /opt/tomcat6 % java -version > java version "1.6.0_18" > OpenJDK Runtim

JNDI: LDAPv3 with StartTLS

2010-08-15 Thread Igor Galić
Hi folks, I'm running Hudson in Tomcat 6.0.29 on Debian/Squeeze/amd64 with i.ga...@pheme /opt/tomcat6 % java -version java version "1.6.0_18" OpenJDK Runtime Environment (IcedTea6 1.8) (6b18-1.8-1) OpenJDK 64-Bit Server VM (build 14.0-b16, mixed mode) I'm starting the server with: CATALINA_OPT