Configure JNDI Realm

kasko oscuro
Hi all,

I'm configuring a JNDI Realm with LDAP in Tomcat 5.5. The authentication process works fine, but when Tomcat tries to check the role this fails and it returns an HTTP 403 page.

The Tomcat log is:

DEBUG http-6060-Processor25 org.apache.catalina.authenticator.AuthenticatorBase - Calling authenticate()
DEBUG http-6060-Processor25 org.apache.catalina.authenticator.AuthenticatorBase - Authenticated 'tssiweb' with type 'BASIC'
DEBUG http-6060-Processor25 org.apache.catalina.authenticator.AuthenticatorBase - Calling accessControl()
DEBUG http-6060-Processor25 org.apache.catalina.realm.RealmBase - Checking roles GenericPrincipal[tssiweb()]
DEBUG http-6060-Processor25 org.apache.catalina.realm.RealmBase - El usuario tssiweb NO desempeña el papel de tssiwebuser
DEBUG http-6060-Processor25 org.apache.catalina.realm.RealmBase - No role found: tssiwebuser
DEBUG http-6060-Processor25 org.apache.catalina.authenticator.AuthenticatorBase - Failed accessControl() test

I have this information in LDAP, the user is tssiweb and the role is tssiwebuser:

dn: cn=tssiwebuser,ou=groups, o=tmm
objectClass: groupOfUniqueNames
uniqueMember: uid=tssiweb, ou=People, o=tmm
cn: tssiwebuser

dn: uid=tssiweb,ou=People, o=tmm
mail: tssiweb@prueba.es
userPassword:: e1NIQX0wRFBpS3VOSXJyVm1EOElVQ3V3MWhReE5xWmM9
uid: tssiweb
objectClass: inetOrgPerson
sn: tssiweb
cn: tssiwebuser

The context file for my web application is:

<Context docBase="${catalina.home}/webapps/TSSIWEB">
  <Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"
         connectionURL="ldap://10.95.8.110:389"
         userPattern="uid={0}, ou=People, o=tmm"
         roleBase="ou=groups, o=tmm"
         roleName="cn"
         roleSearch="(uniqueMember={0})" />
</Context>

And the security definitions in the web.xml are:

<!-- Security definitions -->

<!-- Define a Security Constraint on this Application -->
<security-constraint>
  <web-resource-collection>
    <web-resource-name>Entire Application</web-resource-name>
    <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
    <role-name>tssiwebuser</role-name>
  </auth-constraint>
</security-constraint>

<!-- Define the Login Configuration for this Application -->
<login-config>
  <auth-method>BASIC</auth-method>
  <realm-name>TSSIWEB</realm-name>
</login-config>

<!-- Security roles referenced by this web application -->
<security-role>
  <description>The role that is required to log in to the TSSIWEB Application</description>
  <role-name>tssiwebuser</role-name>
</security-role>

I suppose that it is some wrong configuration value. I would be very grateful for any hint about it.

Thanks,
Edu
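
The role lookup that the Realm attributes above describe, replayed offline against the posted entries, as an added example that is not part of the original post and not Tomcat's code. The helper names (norm_dn, parse_ldif, find_roles) and the simplified DN normalisation are assumptions; the {0}/{1} substitution and the one-level versus subtree scope follow JNDIRealm's documented roleSearch and roleSubtree attributes.

```python
import re

# Entries copied from the post's LDIF; mail and userPassword omitted.
LDIF = """\
dn: cn=tssiwebuser,ou=groups, o=tmm
objectClass: groupOfUniqueNames
uniqueMember: uid=tssiweb, ou=People, o=tmm
cn: tssiwebuser

dn: uid=tssiweb,ou=People, o=tmm
uid: tssiweb
objectClass: inetOrgPerson
sn: tssiweb
cn: tssiwebuser
"""

def norm_dn(dn):
    """Simplified DN normalisation (assumption): trim spaces, lowercase."""
    rdns = [re.sub(r"\s*=\s*", "=", r.strip()) for r in dn.split(",")]
    return ",".join(rdns).lower()

def parse_ldif(text):
    """Parse plain 'attr: value' LDIF (no base64 values, no line folding)."""
    entries = []
    for block in text.strip().split("\n\n"):
        entry = {}
        for line in block.splitlines():
            attr, _, value = line.partition(":")
            entry.setdefault(attr.strip().lower(), []).append(value.strip())
        entries.append(entry)
    return entries

def find_roles(entries, username, user_pattern, role_base, role_search,
               role_name, role_subtree=False):
    """Replay the role search: {0} = user DN, {1} = username."""
    user_dn = user_pattern.replace("{0}", username)
    flt = role_search.replace("{0}", user_dn).replace("{1}", username)
    attr, value = re.fullmatch(r"\((\w+)=(.*)\)", flt).groups()
    base = norm_dn(role_base)
    roles = []
    for e in entries:
        dn = norm_dn(e["dn"][0])
        parent = dn.split(",", 1)[1] if "," in dn else ""
        in_scope = dn.endswith("," + base) if role_subtree else parent == base
        members = [norm_dn(v) for v in e.get(attr.lower(), [])]
        if in_scope and norm_dn(value) in members:
            roles.extend(e.get(role_name.lower(), []))
    return roles
```

Called with the posted attribute values and the user tssiweb, find_roles returns ['tssiwebuser'], which gives a baseline to compare with what the directory returns to Tomcat's own connection. Moving role_base up to "o=tmm" while leaving role_subtree at its default of False returns an empty list, because the group entry is then no longer a direct child of the search base.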
 