Help coderanch get a
new server
by contributing to the fundraiser

Princeton Ebanks

Greenhorn
+ Follow
since Mar 20, 2008
Merit badge: grant badges
For More
Cows and Likes
Cows
Total received
In last 30 days
0
Forums and Threads

Recent posts by Princeton Ebanks

I am using Netbeans and the Apache module that comes with it to build an intranet application that uses authentication with Active Directory. I have a few questions

1. Is the apache module that comes bundled with Netbeans configured to work with active directory for authentication?

2. How do I configure apache to use active directory for authentication

3. How do I configure the apache realm to use active directory for authentication through LDAP

I have tried with the code below, and the result is the java exception that follows. I have tried many options and several attributes for the realm configuration.

the code...

<Realm className="org.apache.catalina.realm.JNDIRealm"
debug="99"
connectionURL="ldap://<my_server_address>:389"
userRoleName="member"
userBase="cn=users,dc=<my_domain_name>"
userPattern="cn={0},cn=Users,dc=<my_domain_name>"
roleBase="cn=Users,dc=<my_domain_name>"
roleName="cn"
roleSearch="(member={0})"
roleSubtree="false"
userSubtree="true"

the exception...

javax.naming.NamingException: [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece

at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3045)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2951)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2758)
at com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1295)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(ComponentDirContext.java:213)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:121)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:109)
at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:123)
at org.apache.catalina.realm.JNDIRealm.getUserByPattern(JNDIRealm.java:1026)
at org.apache.catalina.realm.JNDIRealm.getUser(JNDIRealm.java:990)
at org.apache.catalina.realm.JNDIRealm.authenticate(JNDIRealm.java:916)
at org.apache.catalina.realm.JNDIRealm.authenticate(JNDIRealm.java:810)
at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:258)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:417)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:263)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:584)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Thread.java:619)


I need some insights into possible sources of this error
16 years ago
Apart from the obvious spelling error in the realm definition, the issue was two-fold.

The realm had to be defined in a separate file, not the 'server.xml' file. Apache uses this file to define its own realm used to allow users to actually start the server. For your own application, you must define your realm in the 'context.xml' file of the application (in NetBeans). This may be <application_name>.xml for other IDEs (perhaps Eclipse).

Also, the jar file for the database to be used for authentication had to be placed in the apache tomcat lib folder. This doesn't sound very scalable, but understandable if you are using a custom database for your credentials data source. Using LDAP would be handy, wouldnt it?

One small problem: the permission granted is somehow tied to the browser. I had another browser window (tab) open before launcing my application. After closing my tab and relaunching, I went straight to the 'protected' page.

How do I limit the authentication to the session and NOT the application?
[ March 28, 2008: Message edited by: Princeton Ebanks ]
16 years ago
JSP
Thanks, I suspected it would be so. Now, I get the first part. I have renamed made my main content page (index.jsp) and now indeed the server redirects to the login page (loginForm.jsp). I however do not go back to the original page requested when I type in my username and password correctly. I get the error page.

I am using a java db database as my credentials source. I think I have configured my server.xml file properly. The code below shows the relevant section from 'server.xml'

<Realm className="org.apache.catalina.realm.JDBCRealm"
debug="99"
driverName = "org.apache.derby.jdbc.ClientDriver"
connectionURL="jdbc:derby://localhost:1527/OfficeAppsDB"
connectioinName="admin"
connectionPassword="Passw0rd"
userTable="users"
userNameCol="username"
userCredCol="userpassword"
userRoleTable="user_roles"
roleNameCol="rolename"
/>


Is there anything I am missing out?
16 years ago
JSP
I have been trying to use form based authentication without much success. I have a simple web application that gives access to some resources. I start with a login page and from this page I want to forward authorized users to the resources (web page). After configuring the web.xml file, how exactly do I state which page to forward to after a successful login?

I have read quite a bit of stuff about using j_security_check, but nothing tells me how to specify where to go after a user has logged in successgully.

Anyone wiht some light?
16 years ago
JSP
I am building a web application that has a login page (jsp) and that attempts to check the user credentials by connecting to and searching for the username from a java db database. I use javabeans to initialize the form data and then call a function to validate the user.

The function works perfectly outside of the jsp file, but keeps giving a NullPoiunterException when called from the jsp.

Within the jsp, i issue the command:

<% if(loginHandler.validate(); %>

The class associated with the bean (loginHandler) is listed below:

public class VerifyLogin{
private String username;
private String password;
private String userDB;
private java.sql.Connection user_conn;
private String query_string;
private java.sql.Statement user_statement;
private java.sql.ResultSet user_credentials;

public VerifyLogin(){
username = null;
password = null;
userDB = null;
user_conn = null;
query_string = null;
user_statement = null;
user_credentials = null;
}

public String getUsername(){
return username;
}

public String getPassword(){
return password;
}

public void setPassword(String pw){
this.password = pw;
}

public void setUsername(String un){
this.username = un;
}


public boolean validate() throws java.sql.SQLException{

boolean valid_user = false;
userDB = "jdbc:derby://localhost:1527/OfficeAppsDB;user=admin;password=Passw0rd";
query_string = "SELECT * FROM ADMIN.USERS";

try{
Class.forName("org.apache.derby.jdbc.ClientDriver");
user_conn = java.sql.DriverManager.getConnection(userDB);
}
catch(java.sql.SQLException ex){
ex.printStackTrace();
}

catch (java.lang.Exception ex){
ex.printStackTrace();
}

try{
user_statement = user_conn.createStatement(java.sql.ResultSet.TYPE_SCROLL_SENSITIVE, java.sql.ResultSet.CONCUR_READ_ONLY);
user_credentials = user_statement.executeQuery(query_string);
}
catch (java.sql.SQLException ex) {
ex.printStackTrace();
}

if(user_credentials.next()){
if(user_credentials.getObject("username").equals("paebanks")){
valid_user = true;
}
}
user_statement.close();
user_conn.close();

return valid_user;
}

}

The offending statement seems to be:

user_statement = user_conn.createStatement(java.sql.ResultSet.TYPE_SCROLL_SENSITIVE, java.sql.ResultSet.CONCUR_READ_ONLY);

This class works perfectly in a static context (from main), but keeps giving the exception when called from the jsp file. Can anyone shed some light on this?
[ March 20, 2008: Message edited by: Princeton Ebanks ]