Thanks, I have been staring at it for ages. The > is a massive typo. I had the debug as it is included in lots of examples dated 2012+
I will remove it. No wonder the changes I was making seemed to have no effect. Sent from my iPad On 13 Dec 2013, at 16:07, Cédric Couralet <cedric.coura...@gmail.com> wrote: > 2013/12/13 Phill Perryman <ph...@alstonelane.com>: >> I have set up the following authentication to the ldap server. I can log >> into this server using the LdapAdmin browser ok. >> >> Running 7.0.34 (I think its 34 but I can't bring the server up at the >> moment) >> >> I am getting a stack trace >> >> Dec 13, 2013 1:56:35 PM org.apache.catalina.realm.JNDIRealm open >> WARNING: Exception performing authentication >> javax.naming.CommunicationException: localhost:389 [Root exception is >> java.net.ConnectException: Connection refused: connect] >> at com.sun.jndi.ldap.Connection.<init>(Unknown Source) >> > > Does the authentication fail at the time of this warning? It may > happen that the connection is finished on the ldap server when tomcat > tries to authenticate the user, but tomcat should retry anyway after > this message (which has an INFO level in recents versions) > >> I am not connecting to local host so I don't understand the message. None >> of the other files in conf have been touched. >> >> I tried searching and found lots of references but no real solutions. >> >> <Engine name="Catalina" defaultHost="localhost"> >> <Host name="localhost" appBase="webapps" unpackWARs="true" >> autoDeploy="true"> >> <Realm className="org.apache.catalina.realm.JNDIRealm"> >> debug="99" >> connectionName="cn=xxx,o=mitelinternet" >> connectionPassword="xxx" >> connectionURL="ldap://ottedev02.mitel.com:389" >> alternateURL="ldap://ottedev02.mitel.com:389" >> userPattern="uid={0},o=mitelinternet" >> roleBase="o=mitelinternet" >> roleSubtree="true" >> roleSearch="(member={0})" >> roleName="cn" >> </Realm> >> > > Is it really the definition that you have in server.xml or is a typo? > As it is written, the Realm has no attribute which may explain the > localhost in the message (default in JNDI). > > May be you meant : > . >> <Realm className="org.apache.catalina.realm.JNDIRealm" >> debug="99" >> connectionName="cn=xxx,o=mitelinternet" >> connectionPassword="xxx" >> connectionURL="ldap://ottedev02.mitel.com:389" >> alternateURL="ldap://ottedev02.mitel.com:389" >> userPattern="uid={0},o=mitelinternet" >> roleBase="o=mitelinternet" >> roleSubtree="true" >> roleSearch="(member={0})" >> roleName="cn"> >> </Realm> > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org