Thank you guys. So here is the thought behind this.
In the Original LDAP Search parameter, I am searching for 2 Attributes: mail 
and userCertificate.
mail is just a plain string - email and userCertificate is an X.509 DER (.cer) 
certificate in binary format.

Hence I thought that I would need to have both in the connectivity. I will try 
doing a general Search and then specify in the @GET or @POST method the more 
specifics.

I did get the connection issue resolved, but not in the manner I thought would 
be best:

i.e.: I just passed the connection parameters in the @GET method like so:

LdapConnection connection = new LdapNetworkConnection(ipAddress, port);
connection.bind();

This works.

Thanks again for the help.

regards

Shai

On Nov 4, 2013, at 11:08 AM, Propes, Barry L <barry.l.pro...@citi.com> wrote:

> 
> 
> -----Original Message-----
> From: Daniel Mikusa [mailto:dmik...@gopivotal.com] 
> Sent: Monday, November 04, 2013 9:57 AM
> To: Tomcat Users List
> Subject: Re: Connection to ApacheDS LDAP
> 
> On Nov 4, 2013, at 10:49 AM, Shai Levit <redsolar_ecli...@msn.com> wrote:
> 
>> My apologies in advance for some of the syntax and verbiage - I am a newbie 
>> in all of this, but did do my reading / research / and chat on IRC's.
>> 
>> The current setup I have is this:
>> Apache DS LDAP version 2.0.0-M14 running on Linux with Port 8660. The 
>> server instance works fine and I am able to do a search via Apache API in 
>> Java (Eclipse). I bind to this server anonymously via connection.bind()
>> Tomcat version 7.0.47 running on Mac OS X (Maverick) with Port 8080. The 
>> Tomcat instance works fine using the installed default values. I am able to 
>> run simple REST API and consume them via any browser.
>> 
>> Issue: I am trying to create a connection to the LDAP server via anonymous 
>> binding. I configured the appropriate conf file: server.xml with the REALM 
>> as follows:
>> 
>>  <Realm className="org.apache.catalina.realm.JNDIRealm"
>>                      connectionURL="ldap://Integration01.icsl.net:8660"
>>                      debug="99"
>>                      userBase="dc=sumsmail,dc=com"
>>                      userSearch="(mail{0})"
>>                      userSearch="(userCertificate{0})"
> 
> Why do you have "userSearch" specified twice?  That's what's causing the 
> exception below.
> 
>>                      userSubtree="true"
>>                      roleBase="dc=sumsmail,dc=com"
>>                      roleName="cn"
>>                      roleSearch="(mail={0})"
>>                      roleSearch="(userCertificate={0})"
> 
> This will likely cause a similar exception, you can only specify these 
> attributes once.
> 
> Dan
> 
>>                      roleSubtree="true"
>>                      />
>>     </Realm>
>> 
>>     <Host name="localhost"  appBase="webapps"
>>           unpackWARs="true" autoDeploy="true">
>> 
> 
> 
> Not that I'm particularly knowledgeable about configuring LDAP, because I'm 
> not, but looking at the error I wondered what Dan did - why did you have the 
> userSearch attribute listed twice? You also have the roleSearch attribute 
> listed twice, though it might not show that error since it spits up at the 
> first one.
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 

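The point raised in the replies, that an XML parser stops at the first repeated attribute and so never reports the second one, shown as an added example (not code from the thread or from Tomcat). The host name, base DN, the `=` in the filters and the function names `parser_error` and `duplicate_attributes` are assumptions made for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Constructed fragment shaped like the Realm in the thread; host and base DN
# are placeholders, and the filters are written with "=" as an assumption.
BROKEN = """<Realm className="org.apache.catalina.realm.JNDIRealm"
       connectionURL="ldap://ldap.example.test:8660"
       userBase="dc=example,dc=test"
       userSearch="(mail={0})"
       userSearch="(userCertificate={0})"
       roleBase="dc=example,dc=test"
       roleName="cn"
       roleSearch="(mail={0})"
       roleSearch="(userCertificate={0})"
       />"""

# Same element with each attribute given once, as the replies advise.
FIXED = (BROKEN.replace('       userSearch="(userCertificate={0})"\n', "")
               .replace('       roleSearch="(userCertificate={0})"\n', ""))

# Simplified tag/attribute patterns: no comments, CDATA or ">" inside values.
TAG = re.compile(r"""<([A-Za-z_][\w.:-]*)((?:\s+[\w.:-]+\s*=\s*(?:"[^"]*"|'[^']*'))*)\s*/?>""")
ATTR = re.compile(r"""([\w.:-]+)\s*=\s*(?:"[^"]*"|'[^']*')""")

def parser_error(xml_text):
    """Return the XML parser's first well-formedness error, or None."""
    try:
        ET.fromstring(xml_text)
    except ET.ParseError as exc:
        return str(exc)  # parsing aborts here; later duplicates stay hidden
    return None

def duplicate_attributes(xml_text):
    """Return (element, attribute, line) for every repeated attribute."""
    found = []
    for tag in TAG.finditer(xml_text):
        seen = set()
        for attr in ATTR.finditer(tag.group(2)):
            name = attr.group(1)
            if name in seen:
                offset = tag.start(2) + attr.start()
                found.append((tag.group(1), name, xml_text.count("\n", 0, offset) + 1))
            seen.add(name)
    return found

if __name__ == "__main__":
    print("parser:", parser_error(BROKEN))
    for element, name, line in duplicate_attributes(BROKEN):
        print(f"lint: <{element}> repeats {name} on line {line}")
    print("fixed parses cleanly:", parser_error(FIXED) is None)
```
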