ok. I'm stuck in ancient times on the 4.xx series, but the security constraint 
params are likely to be similar enough.

Let me double check mine.


-----Original Message-----
From: Lisa Tan [mailto:[EMAIL PROTECTED]
Sent: Friday, August 03, 2007 3:55 PM
To: 'Tomcat Users List'
Subject: RE: Failed Authentication


I am using apache-tomcat-5.5.17, and Apache 2.0.52 which comes with RedHat.

Thanks,

Lisa

-----Original Message-----
From: Propes, Barry L [mailto:[EMAIL PROTECTED] 
Sent: Friday, August 03, 2007 4:40 PM
To: Tomcat Users List
Subject: RE: Failed Authentication

what version do you have? Of TC?

-----Original Message-----
From: Lisa Tan [mailto:[EMAIL PROTECTED]
Sent: Friday, August 03, 2007 9:59 AM
To: 'Tomcat Users List'
Subject: RE: Failed Authentication


I am trying to set up Tomcat form based authentication and received the
following error.
Failed authenticate() test ??/j_security_check -
org.apache.catalina.authenticator.AuthenticatorBase [20070802]

What I have done is:
a). in $TOMCAT/conf/server.xml, I add JNDIRealm <Realm
className="org.apache.catalina.realm.JNDIRealm"
       debug='55'
        connectionURL="ldap://xxx:xxx";
         userBase="ou=People,dc=example,dc=edu"
         userSearch="(uid={0})"
 />
b). in tomcat WEB-INF/web.xml,  I add security and login blocks 
       <security-constraint>
         <web-resource-collection>
          <web-resource-name>tracker</web-resource-name>
          <url-pattern>*.jsp</url-pattern>
          <http-method>GET</http-method>
          <http-method>POST</http-method>
         </web-resource-collection>
         <!-- Security roles referenced by this web application -->
         <security-role>
                  <description>All Users</description>
                  <role-name>person</role-name>
         </security-role>
      </security-constraint>
  
      <login-config>
            <auth-method>FORM</auth-method>
            <realm-name>ldapRealm</realm-name>
            <form-login-config>
                    <form-login-page>/login.jsp</form-login-page>
                    <form-error-page>/login_error.jsp</form-error-page>
            </form-login-config>
      </login-config>
c). create login.jsp and login_error.jsp and put them in the web-app's
document root    
  <form action="j_security_check" method="POST">
        LDAP Authentication<BR>
  
        <strong>Enter UserId</strong><br>
        <input type="text" name="j_username" size="22">
  <br>
        <strong>Enter Password</strong><br>
        <input type="password" name="j_password" size="22">
  
        <input type="submit" name="Submit" value="Submit">
  </form>
  
  login_error.jsp can be as simple as:
 
<html>
  <body>
  The system was not able to log you in.<br>
     <form>
       <input type="button" onclick="history.go(-1)" value="Retry"/>
     </form>
  </body>
</html>

Any directions will appreciate. Thanks,

Lisa


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to