Hi Rudy, Sorry that I missed out the problem. I can connect to the server but the authentication of a member in the group AUTH is failing inspite of giving proper credentials. May be I have not configured properly.
Regards, Savitha On Tue, Sep 13, 2011 at 3:02 PM, Rudy Gireyev <rgire...@gmail.com> wrote: > Savitha you forgot to mention what was the problem that you were having. > > Anyway, in your realm specification, for the connectionName you need > to specify the actual name of the user (i.e. admin) that is able to > log into the LDAP to do the lookup that you are interested in. > connectionPassword is the password for that user/admin. > > Rudy > > > On Tue, Sep 13, 2011 at 11:20 AM, Savitha Akella > <savitha.saraswa...@gmail.com> wrote: > > Hi, > > > > I need help in configuring the JNDI Realm to connect to LDAP Server and > > authenticate users. Here are the details: > > > > CN=<AUTH>,OU=XYZ,OU=Application > > Managed,OU=Groups,DC=rma,DC=corp,DC=ABC,DC=com - *AUTH is the group in > which > > i have to search if the user is a member of or not. All the members in > this > > group are defined in OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com* > > ** > > This group has members who are defined in > > CN=<User>,OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com > > > > *I have set my JNDIRealm tag in server.xml as follows:* > > <Realm className="org.apache.catalina.realm.JNDIRealm" > > > connectionName="CN=123,OU=Serv-Accts,OU=PAS,OU=Resrc,DC=rma,DC=corp,DC=ABC,DC=com" > > > > connectionPassword="pwd" > > connectionURL="ldap://<hostname:port" debug="99" > > *roleBase*="OU=XYZ,OU=Application > > Managed,OU=Groups,DC=rma,DC=corp,DC=ABC,DC=com" > > *roleSubtree*="true" > > *roleName*="cn" > > *roleSearch*="CN=<AUTH>,OU=XYZ,OU=Application > > Managed,OU=Groups,DC=rma,DC=corp,DC=ABC,DC=com" > > *userBase*="OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com" > > *userSubtree*="true" > > *userPattern*="CN={0},OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com"/> > > > > > > *The web.xml is as follows:* > > ** > > <security-constraint> > > <display-name>Security Constraint</display-name> > > <web-resource-collection> > > <web-resource-name>Protected Area</web-resource-name> > > <!-- Define the context-relative URL(s) to be protected --> > > <url-pattern>/*</url-pattern> > > <!-- If you list http methods, only those methods are protected --> > > </web-resource-collection> > > <auth-constraint> > > <!-- Anyone with one of the listed roles may access this area --> > > <role-name>*AUTH*</role-name> > > </auth-constraint> > > </security-constraint> > > <!-- Default login configuration uses form-based authentication --> > > <login-config> > > <auth-method>FORM</auth-method> > > <realm-name>Form-Based Authentication Area</realm-name> > > <form-login-config> > > <form-login-page>/Login.jsp</form-login-page> > > > > <form-error-page>/error.jsp</form-error-page> > > </form-login-config> > > </login-config> > > <!-- Security roles referenced by this web application --> > > <security-role> > > <role-name>*AUTH*</role-name> > > </security-role> > > > > > > Any help is appreciated. > > > > Thanks, > > Savitha > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >