I haven't looked at the JNDI realm at all. There is an outstanding bug against this and CLIENT-CERT for TC4 so I will get to it eventually (I'll port the fix to TC5 if it needs it).
The spec states that you can have no more than 1 login-config per application. If a fix is needed, you are going to have to migrate to the version that includes the fix. Mark > -----Original Message----- > From: Paulo Alvim [mailto:[EMAIL PROTECTED] > Sent: Tuesday, November 30, 2004 1:09 PM > To: Tomcat Users List > Subject: RES: [java] RE: bug JDBC Real with CLIENT-CERT > > Thanks for your answer, Mark... > > I'm sorry...I was talking about JNDIRealm. We use it to > authenticate to > ActiveDirectory with the configuration bellow (names changed): > > <Realm className="org.apache.catalina.realm.JNDIRealm" debug="0" > connectionURL="ldap://plcbhdc:389" > connectionName="cn=alvim,cn=Users,dc=powerlogic" > connectionPassword="1234567" > userBase="cn=Users,dc=powerlogic" > userSearch="sAMAccountName={0}" > userSubtree="true" roleBase="CN=Builtin,dc=powerlogic" > roleSearch="(member={0})" roleSubTree="true" > userRoleName="member" > roleName="cn" /> > > ...and sometimes against our database schema: > > <Realm className="org.apache.catalina.realm.JDBCRealm" debug="0" > driverName="oracle.jdbc.driver.OracleDriver" > connectionURL="jdbc:oracle:thin:@plcxdb:1521:oraxxxxx" > connectionName="xxxxxxx3" connectionPassword="xxxxx" > userTable="EC_USUARIO" userNameCol="LOGIN" > userCredCol="SENHA" > userRoleTable="EC_GRUPOXUSUARIO" roleNameCol="NOME_GRUPO" > digest="SHA"/> > > We need to use CLIENT-CERT together with FORM-BASED > authentication - is it > possible to use both in the same WAR? > > We could make CLIENT-CERT work with MemoryReal but since we > couldn't make it > work with JDBCRealm we are wondering it won't work with JNDI > too (we can't > test this at this moment)... > > We are using Tomcat 5.0.28 and we didn't like to migrate it, > because our > apps are running ok...only if necessary... > > Thanks again! > > Alvim > > > > -----Mensagem original----- > De: Mark Thomas [mailto:[EMAIL PROTECTED] > Enviada em: segunda-feira, 29 de novembro de 2004 18:31 > Para: 'Tomcat Users List' > Assunto: RE: [java] RE: bug JDBC Real with CLIENT-CERT > > > The JDBC stuff is all there and works. I don’t understand how > this then fits > in > with AD/LDAP? Could you enlighten me? I assume you don't mean > the JNDI realm > (which I haven't done anything with or even tested if > CLIENT-CERT will work > with) > > Mark > > > -----Original Message----- > > From: Paulo Alvim [mailto:[EMAIL PROTECTED] > > Sent: Monday, November 29, 2004 9:47 PM > > To: Tomcat Users List > > Cc: [EMAIL PROTECTED] > > Subject: RES: [java] RE: bug JDBC Real with CLIENT-CERT > > > > Thanks, Mark! > > > > Could you tell me if my kind of issues (JDBC/Ldap Realm) > are there?... > > > > > > Alvim. > > > > -----Mensagem original----- > > De: Mark Thomas [mailto:[EMAIL PROTECTED] > > Enviada em: segunda-feira, 29 de novembro de 2004 17:02 > > Para: 'Tomcat Users List' > > Assunto: [java] RE: bug JDBC Real with CLIENT-CERT > > > > > > I committed some patches to support CLIENT-CERT to 5.5.x > > recently. Should be > > in > > the next release. If you want them now, you can always grab > > them from CVS. > > > > Mark > > > > > -----Original Message----- > > > From: Paulo Alvim [mailto:[EMAIL PROTECTED] > > > Sent: Monday, November 29, 2004 4:02 PM > > > To: Tomcat Users List > > > Subject: bug JDBC Real with CLIENT-CERT > > > > > > Hi, > > > > > > I'm trying to use Client-Cert authentication with Tomcat > > > 5.0.28. I could > > > make it work using Memory Realm but when I changed to > > > JDBCRealm I received > > > an authorization error... > > > > > > In truth, it seems that there's a bug with Client-Cert and > > > others Realm > > > since 4.x. > > > > > > I've just read about that in a few links: > > > > > > http://issues.apache.org/bugzilla/show_bug.cgi?id=30352 > > > > > > http://www.junlu.com/msg/43156.html > > > > > > Anyone could update that information? Is there any fix or > > > patchs in Tomcat > > > 5.0.28? I'll need to use it with JDBCRealm and with LDAP (Active > > > Directory)... > > > > > > Thanks a lot! > > > > > > Paulo Alvim > > > Powerlogic - Brazil > > > > > > > > > -----Mensagem original----- > > > De: Paulo Alvim [mailto:[EMAIL PROTECTED] > > > Enviada em: sábado, 27 de novembro de 2004 14:20 > > > Para: Tomcat Users List > > > Assunto: RES: [work] CLIENT-CERT > > > > > > > > > Hi, > > > > > > The questions are: > > > > > > 1. Is it possible to use two authentication methods (FORM and > > > CLIENT_CERT) > > > in the same J2EE application? > > > > > > 2. If so, how could we do it in Tomcat 5.0.19? > > > > > > Thanks in advance! > > > > > > Paulo Alvim/Raphael > > > Powerlogic - Brazil > > > > > > -----Mensagem original----- > > > De: Raphael Gallo [mailto:[EMAIL PROTECTED] > > > Enviada em: sexta-feira, 26 de novembro de 2004 17:44 > > > Para: Tomcat Users List > > > Assunto: [work] CLIENT-CERT > > > > > > > > > Hi, > > > > > > > > > It´s possible use FORM authentication and CLIENT-CERT > > > in the same > > > application. How can I do this ? > > > > > > > > > > > > Thanks, > > > > > > Raphael Gallo > > > [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: > [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: > [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: > [EMAIL PROTECTED] > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]