I'm trying to get a realm set up via JNDI to an Openldap server. Here is my current server.xml config.
<Realm className="org.apache.catalina.realm.JNDIRealm" debug="99" connectionURL="ldap://vdc.fas.harvard.edu:389" userPattern="uid={0},ou=vdcid,ou=hmdc,o=vdc" roleBase="o=vdc" roleSubtree="true" roleName="vdcGroup" roleSearch="(member={0})" digest="SHA" /> I'm using "vdcGroup" entries to store unique member attributes named 'member'. I can do this search using straight JNDI in a Test Java Application. But the realm will not return the vdcGroups that jadmin is a member of. Is there something obvious I am missing? -Mark 2002-09-07 10:40:51 JNDIRealm[Standalone]: Connecting to URL ldap://vdc.fas.harvard.edu:389 2002-09-07 10:41:11 JNDIRealm[Standalone]: lookupUser(jadmin) 2002-09-07 10:41:11 JNDIRealm[Standalone]: dn=uid=jadmin,ou=vdcid,ou=hmdc,o=vdc 2002-09-07 10:41:11 JNDIRealm[Standalone]: validating credentials by binding as the user 2002-09-07 10:41:11 JNDIRealm[Standalone]: binding as uid=jadmin,ou=vdcid,ou=hmdc,o=vdc 2002-09-07 10:41:11 JNDIRealm[Standalone]: Username jadmin successfully authenticated 2002-09-07 10:41:11 JNDIRealm[Standalone]: getRoles(uid=jadmin,ou=vdcid,ou=hmdc,o=vdc) 2002-09-07 10:41:11 JNDIRealm[Standalone]: Searching role base 'o=vdc' for attribute 'vdcGroup' 2002-09-07 10:41:11 JNDIRealm[Standalone]: With filter expression '(member=uid=jadmin,ou=vdcid,ou=hmdc,o=vdc)' 2002-09-07 10:41:11 JNDIRealm[Standalone]: Returning 0 roles 2002-09-07 10:41:12 JNDIRealm[Standalone]: Username jadmin does NOT have role tomcat 2002-09-07 10:41:12 JNDIRealm[Standalone]: Username jadmin does NOT have role role1 2002-09-07 10:41:12 JNDIRealm[Standalone]: Username jadmin does NOT have role administrators -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>