This week's book giveaway is in the Big Data forum.
We're giving away four copies of Elasticsearch in Action and have Radu Gheorghe & Matthew Lee Hinman on-line!
See this thread for details.
The moose likes Security and the fly likes LDAP Search with subtree Scope Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Elasticsearch in Action this week in the Big Data forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "LDAP Search with subtree Scope" Watch "LDAP Search with subtree Scope" New topic

LDAP Search with subtree Scope

Rajesh Seth

Joined: Aug 30, 2010
Posts: 12
I have configured JConsole to authenticate remotely logged in user from LDAP on Tomcat. Below is the query configured in Tomcat server(login.config) to authenticate from LDAP server.

Tomcat { /* should match to the property */ REQUIRED

But it doesn't work unless direct DN is not provided. Using direct DN, From root to bottom path till DN in "userFilter=", it authenticates fine. A wild guess to the problem is that it is not searching the subtree. I need some parameter here which tells the Server to search inside the subtree as well for the user. Right now it is only looking into the head tree and not navigating inside. Basically LDAP search scope need to be specified. When I search from Active Directory Studio with scope set as subtree, it works fine without direct DN provided(userFilter set shown in Query above).

Is there any parameter in LdapLoginModule to set scope property? I am ready to change provider as well but would prefer using

More Info on -

Rajesh Seth
Rajesh Seth

Joined: Aug 30, 2010
Posts: 12
Please Help!!
I agree. Here's the link:
subject: LDAP Search with subtree Scope