No, I don't mean the request parameter name in the form, I mean the LDAP attribute name.
Nevertheless, after looking over the Tomcat documentation, this probably isn't your issue. You should read over this documentation carefully and make sure you've specified everything you need to connect to your particular LDAP server. In particular, I think it's likely that you'll need to specify the "connectionName", "connectionPassword", and "userPassword" attributes. This is just a guess, as there's several ways to configure an LDAP server. > -----Original Message----- > From: Maurice Coyle - Sun Microsystems Ireland [mailto:[EMAIL PROTECTED] > Sent: Tuesday, July 01, 2003 10:29 AM > To: [EMAIL PROTECTED] > Subject: RE: FORM-based ldap authentication problem > > i'm pretty sure the j_username is the logical attribute name for the uid. > the > container manages the internals of the authentication. is this what you > meant? > > i wouldn't consider myself any sort of authority on the j_* attributes, i > just > tried them and they worked. i suspect that this is the root of my > problem, so > if nayone knows of a decent source of info about them i'd appreciate it. > > > I haven't tried to set up an LDAP authenticator in Tomcat, but shouldn't > > you have to specify the attribute name for the uid? You've specified > > the pattern for the search DN, but I would assume you'd have to specify > > "uid" separately somewhere. > > > > > -----Original Message----- > > > From: Maurice Coyle - Sun Microsystems Ireland > > [mailto:[EMAIL PROTECTED] > > > > > > by all means. there's 4 basic steps to this: > > > > > > 1. in server.xml paste the following (replace <YOUR-SERVER> with the > > url > > > of the > > > ldap server and you'll probably have to change the userBase bit too) > > to > > > tell > > > tomcat where to go to authenticate: > > > > > > <Realm className="org.apache.catalina.realm.JNDIRealm" > > debug="99" > > > connectionURL="ldap://<YOUR-SERVER>:389" > > > userBase="ou=people,dc=sun,dc=com" > > > userSearch="uid={0}"/> > > > > > > 2. in web.xml, right at the end paste the following (add <url-pattern> > > > tags for > > > whicever other types of files you want protected): > > > > > > <security-constraint> > > > <web-resource-collection> > > > <web-resource-name>tracker</web-resource-name> > > > <url-pattern>*.jsp</url-pattern> > > > <http-method>GET</http-method> > > > <http-method>POST</http-method> > > > </web-resource-collection> > > > <auth-constraint> > > > <!-- <role-name>std</role-name> --> > > > <role-name>*</role-name> > > > </auth-constraint> > > > </security-constraint> > > > > > > <login-config> > > > <auth-method>FORM</auth-method> > > > <realm-name>ldapRealm</realm-name> > > > <form-login-config> > > > <form-login-page>/login.jsp</form-login-page> > > > <form-error-page>/login_error.jsp</form-error-page> > > > </form-login-config> > > > </login-config> > > > > > > 3. create login.jsp and login_error.jsp and put them in the web-app's > > > document > > > root > > > > > > login.jsp must include the form with the j_* fields as in the skeleton > > > form > > > below: > > > > > > <form action="j_security_check" method="POST"> > > > LDAP Authentication<BR> > > > > > > <strong>Enter UserId</strong><br> > > > <input type="text" name="j_username" size="22"> > > > > > > <strong>Enter Password</strong><br> > > > <input type="password" name="j_password" size="22"> > > > > > > <input type="submit" name="Submit" value="Submit"> > > > </form> > > > > > > login_error.jsp can be as simple as: > > > > > > <html> > > > <body> > > > The system was not able to log you in.<br> > > > <form> > > > <input type="button" onclick="history.go(-1)" value="Retry"/> > > > </form> > > > </body> > > > </html> > > > > > > 4. when you've successfully logged in, to get the name of the user > > who's > > > logged > > > in, use String user = request.getRemoteUser(); > > > > > > > > > hope this helps, > > > maurice > > > > > > > > > > Mailing-List: contact [EMAIL PROTECTED]; run by > > ezmlm > > > > List-Unsubscribe: > > <mailto:[EMAIL PROTECTED]> > > > > List-Subscribe: <mailto:[EMAIL PROTECTED]> > > > > List-Help: <mailto:[EMAIL PROTECTED]> > > > > List-Post: <mailto:[EMAIL PROTECTED]> > > > > List-Id: "Tomcat Users List" <tomcat-user.jakarta.apache.org> > > > > Delivered-To: mailing list [EMAIL PROTECTED] > > > > X-MimeOLE: Produced By Microsoft Exchange V6.0.6375.0 > > > > content-class: urn:content-classes:message > > > > Subject: RE: FORM-based ldap authentication problem > > > > Date: Tue, 1 Jul 2003 12:52:46 -0400 > > > > X-MS-Has-Attach: > > > > X-MS-TNEF-Correlator: > > > > Thread-Topic: FORM-based ldap authentication problem > > > > Thread-Index: AcM/8O7x+q8RZHTaQ5mM0xzRg5mCtAAACyJA > > > > From: "Pitre, Russell" <[EMAIL PROTECTED]> > > > > To: "Tomcat Users List" <[EMAIL PROTECTED]>, "Maurice > > Coyle > > > - Sun > > > Microsystems Ireland" <[EMAIL PROTECTED]> > > > > X-OriginalArrivalTime: 01 Jul 2003 16:52:46.0869 (UTC) > > > FILETIME=[32D05C50:01C33FF1] > > > > X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N > > > > Content-Transfer-Encoding: 8bit > > > > X-MIME-Autoconverted: from quoted-printable to 8bit by > > > dub-mail1.Ireland.Sun.COM id h61GrEh10906 > > > > > > > > I've been trying to get form-based ldap authentication > > working....but no > > > > luck.....do you think > > > > i could see some sample code? > > > > > > > > > > > > > > > > Russ > > > > > > > > -----Original Message----- > > > > From: Maurice Coyle - Sun Microsystems Ireland > > [mailto:[EMAIL PROTECTED] > > > > Sent: Tuesday, July 01, 2003 12:50 PM > > > > To: [EMAIL PROTECTED] > > > > Subject: FORM-based ldap authentication problem > > > > > > > > > > > > hi all, > > > > i've implemented form-based ldap authentication on my tomcat server. > > it > > > > works > > > > fine in general but from time to time when i enter my ldap username > > and > > > > password, i get a blank page with j_security_check in the location > > > > field. if i > > > > reload the page, i get the login_error.jsp page and upon reloading > > the > > > > page one > > > > further time, i am logged in successfully. > > > > > > > > this is the exact sequence whenever there is a problem with the > > > > authentication, > > > > i can reload the page 3 times and i get accepted. > > > > > > > > does anyone have a clue what's the cause and if there's a solution? > > > > > > > > appreciate any help, > > > > maurice > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
