LDAP with JNDI trouble

Ken Rubin
Ranch Hand

Joined: Mar 08, 2004
Posts: 66
Hello,

I am setting up my Tomcat JNDI realm as:

<Realm className="org.apache.catalina.realm.JNDIRealm"
connectionURL="ldap://Au-dc1:389"
connectionName="CN=Ken Rubin,OU=Development,OU=Corporate,DC=mycompany,DC=com"
connectionPassword="mallory1"
userBase="OU=Development,OU=Corporate,DC=mycompany,DC=com"
userSearch="(sAMAccountName={0})"
userSubtree="true"
userRoleName="cn"
/>

I am only able to log onto Tomcat Manager if I set userRoleName="cn", when as an attribute = "Ken Rubin". In web.xml for the Tomcat manager, I had to set my name as a role, i.e.:

web.xml
<auth-constraint>
<role-name>Ken Rubin</role-name>
</auth-constraint>
</security-constraint>

<security-role>
<role-name>Ken Rubin</role-name>
</security-role>

My directory in LDAP is at "CN=Ken Rubin,OU=Development,OU=Corporate,DC=mycompany,DC=com".

I had wished to set userRoleName="memberOf" and have it return the roles for me; one of these roles would be in my web.xml instead of Ken Rubin. But I have been unable to do this.

One thing I noticed is that none of our company roles have any attributes listed under them.

Also I don't know how to get the logger to give me more possible information about why I am failing.

Any help would be greatly appreciated!

Thank you,
Ken

 