So your user hasn't been authenticated by the JNDIRealm. Is there any security role-specific stuff? You have to distinguish between authentication and authorization (roles etc.). Can you trace your LDAP engine? We are facing problems with German umlauts in passwords (JDBCRealm). Do you have any chars within user/password which need special encoding?
Cheers
Mark


Sandeep N wrote:

This is what the log file (catalina_log.2004-10-29.txt)  reads -

2004-10-29 15:53:14 JNDIRealm[Standalone]: Connecting to URL ldap://localhost:389
2004-10-29 15:53:38 JNDIRealm[Standalone]: lookupUser(sandeep)
2004-10-29 15:53:38 JNDIRealm[Standalone]: dn=cn=sandeep,cn=Manager,dc=my-domain,dc=com
2004-10-29 15:53:38 JNDIRealm[Standalone]: retrieving attribute userPassword
2004-10-29 15:53:38 JNDIRealm[Standalone]: validating credentials
2004-10-29 15:53:38 JNDIRealm[Standalone]: Username sandeep NOT successfully authenticated



On Thu, 28 Oct 2004 15:29:00 +0200, Mark Doppelfeld
<[EMAIL PROTECTED]> wrote:


Hi,

have a look in your log files. It should tell you something about your
authentication process...
Mark



Sandeep N wrote:



Hi,

I have a problem trying to authenticate users, whose details are
stored in the LDAP directory through Apache Tomcat. The details of the
software I am using are as follows :

LDAP: OpenLDAP V 2.2.17
Web-Server: Apache-Tomcat V 4.1.30
OS: Suse - Linux

The LDAP directory structure is somewhat like this -
dc=my-domain,dc=com
cn= Manager
  cn=person1
  cn=person2 and so on

In the server.xml file (under APACHE-TOMCAT-DIR/conf/) I have included
the following piece of code -

<Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"
connectionName="cn=Manager,dc=my-domain,dc=com"
connectionPassword="secret" connectionURL="ldap://localhost:389"
roleName="cn" roleSearch="(uniqueMember={0})"
userPassword="userPassword"
userPattern="cn={0},cn=Manager,dn=my-domain,dn=com" />

The folder I have to authenticate is "param_test" and this resides
under "APACHE-TOMCAT-DIR/webapps".

The web.xml file under the "param_test" folder contains the following
piece of code  -
..................................
<security-constraint>
   <web-resource-collection>
           <web-resource-name>test</web-resource-name>
           <url-pattern>/*</url-pattern>
   </web-resource-collection>
   <auth-constraint>
           <role-name>cn</role-name>
   </auth-constraint>
</security-constraint>

<login-config>
   <auth-method>BASIC</auth-method>
   <realm-name>test</realm-name>
</login-config>

..................................

I have even copied the jndi.jar, ldap.jar files to
APACHE-TOMCAT-DIR/server/lib directory

When I try to access the link, http://localhost:8089/param_test, it
prompts me for the username and password. When I type in these
parameters as per the entries in the LDAP directory, the pop-up
reappears and this goes on continuously. If I cancel this pop-up, HTTP
error 401 is returned. Any guesses where I have gone wrong?

Thanks in advance.

Regards,
Sandeep
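
Added example, not part of the original thread: the reply's question about characters that need special encoding can be checked by round-tripping a credential through an HTTP BASIC header with different client and server charsets. The function names and sample credentials are constructed for illustration, and a charset mismatch is an assumed cause, not a finding from the log above.

```python
import base64

def basic_header(user, password, charset):
    """Build the Authorization value a client sends, encoding in `charset`."""
    raw = f"{user}:{password}".encode(charset)
    return "Basic " + base64.b64encode(raw).decode("ascii")

def server_decode(header, charset):
    """Decode a Basic header as a server assuming `charset`; returns (user, password)."""
    raw = base64.b64decode(header.split(" ", 1)[1])
    user, _, password = raw.decode(charset, errors="replace").partition(":")
    return user, password

def survives(user, password, client_charset, server_charset):
    """True if the server sees exactly the credential the user typed."""
    header = basic_header(user, password, client_charset)
    return server_decode(header, server_charset) == (user, password)

def risky_chars(value):
    """Characters outside 7-bit ASCII, whose bytes depend on the charset in use."""
    return sorted({c for c in value if ord(c) > 127})

def report(user, password):
    """Check every client/server charset pairing for one credential."""
    charsets = ("iso-8859-1", "utf-8")
    return {(c, s): survives(user, password, c, s) for c in charsets for s in charsets}

if __name__ == "__main__":
    # Constructed sample credentials: one pure ASCII, one with German umlauts.
    for user, pw in [("sandeep", "secret"), ("mark", "Grüße")]:
        print(user, risky_chars(pw), report(user, pw))
```

A pure-ASCII password survives every pairing, so an empty `risky_chars` result rules this cause out and points back at the stored `userPassword` value or the realm configuration.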




--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]




