Hi Rudy,
Sorry that I missed out the problem. I can connect to the server but the
authentication of a member in the group AUTH is failing inspite of giving
proper credentials.
May be I have not configured properly.
Regards,
Savitha
On Tue, Sep 13, 2011 at 3:02 PM, Rudy Gireyev <rgire...@gmail.com> wrote:
> Savitha you forgot to mention what was the problem that you were having.
>
> Anyway, in your realm specification, for the connectionName you need
> to specify the actual name of the user (i.e. admin) that is able to
> log into the LDAP to do the lookup that you are interested in.
> connectionPassword is the password for that user/admin.
>
> Rudy
>
>
> On Tue, Sep 13, 2011 at 11:20 AM, Savitha Akella
> <savitha.saraswa...@gmail.com> wrote:
> > Hi,
> >
> > I need help in configuring the JNDI Realm to connect to LDAP Server and
> > authenticate users. Here are the details:
> >
> > CN=<AUTH>,OU=XYZ,OU=Application
> > Managed,OU=Groups,DC=rma,DC=corp,DC=ABC,DC=com - *AUTH is the group in
> which
> > i have to search if the user is a member of or not. All the members in
> this
> > group are defined in OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com*
> > **
> > This group has members who are defined in
> > CN=<User>,OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com
> >
> > *I have set my JNDIRealm tag in server.xml as follows:*
> > <Realm className="org.apache.catalina.realm.JNDIRealm"
> >
> connectionName="CN=123,OU=Serv-Accts,OU=PAS,OU=Resrc,DC=rma,DC=corp,DC=ABC,DC=com"
> >
> > connectionPassword="pwd"
> > connectionURL="ldap://<hostname:port" debug="99"
> > *roleBase*="OU=XYZ,OU=Application
> > Managed,OU=Groups,DC=rma,DC=corp,DC=ABC,DC=com"
> > *roleSubtree*="true"
> > *roleName*="cn"
> > *roleSearch*="CN=<AUTH>,OU=XYZ,OU=Application
> > Managed,OU=Groups,DC=rma,DC=corp,DC=ABC,DC=com"
> > *userBase*="OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com"
> > *userSubtree*="true"
> > *userPattern*="CN={0},OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com"/>
> >
> >
> > *The web.xml is as follows:*
> > **
> > <security-constraint>
> > <display-name>Security Constraint</display-name>
> > <web-resource-collection>
> > <web-resource-name>Protected Area</web-resource-name>
> > <!-- Define the context-relative URL(s) to be protected -->
> > <url-pattern>/*</url-pattern>
> > <!-- If you list http methods, only those methods are protected -->
> > </web-resource-collection>
> > <auth-constraint>
> > <!-- Anyone with one of the listed roles may access this area -->
> > <role-name>*AUTH*</role-name>
> > </auth-constraint>
> > </security-constraint>
> > <!-- Default login configuration uses form-based authentication -->
> > <login-config>
> > <auth-method>FORM</auth-method>
> > <realm-name>Form-Based Authentication Area</realm-name>
> > <form-login-config>
> > <form-login-page>/Login.jsp</form-login-page>
> >
> > <form-error-page>/error.jsp</form-error-page>
> > </form-login-config>
> > </login-config>
> > <!-- Security roles referenced by this web application -->
> > <security-role>
> > <role-name>*AUTH*</role-name>
> > </security-role>
> >
> >
> > Any help is appreciated.
> >
> > Thanks,
> > Savitha
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>
