What are your security constraints within your web.xml? -Dennis
-----Original Message----- From: Graham Leggett [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 08, 2005 4:20 PM To: users@tomcat.apache.org Subject: Config problem: AAA and LDAP Hi all, I have just created a simple webapp hosted with Tomcat v5.0.28, and I want to add container managed security against an LDAP server. Following the Tomcat instructions for adding a realm against JNDI does not seem to have had any effect: Attempts to access the webapp are always successful, no username or password is asked for at all. The realm is added within the <Context> tag, and is defined like this: <Realm className="org.apache.catalina.realm.JNDIRealm" debug="99" connectionURL="ldap://localhost:389"; connectionName="cn=Mail,dc=yyy" connectionPassword="zzz" userPattern="uid={0},ou=People,ou=Testing,yyy" roleBase="ou=Groups,ou=Testing,yyy" roleName="cn" roleSearch="(uniqueMember={0})" /> The file jndi-ldap.jar was copied into the server/lib directory, and the logfile includes this single line about LDAP: 2005-11-08 22:41:58 JNDIRealm[/julia]: Connecting to URL ldap://localhost:389 I am using JDK v1.5.0_05 from Sun which I notice does not contain any specific jndi-ldap.jar file anywhere in the distro. Does Tomcat v5.0.28 work with JDK v1.5? Can anyone point out what I might be doing wrong? The instructions are pretty straightforward, but the AAA just "doesn't work", I am at a loss as to what is wrong. Regards, Graham -- --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
