Re: LDPA Authentication Failure

Fri, 13 Dec 2013 08:08:36 -0800 

2013/12/13 Phill Perryman <ph...@alstonelane.com>:
> I have set up the following authentication to the ldap server. I can log
> into this server using the LdapAdmin browser ok.
>
> Running 7.0.34 (I think its 34 but I can't bring the server up at the
> moment)
>
> I am getting a stack trace
>
> Dec 13, 2013 1:56:35 PM org.apache.catalina.realm.JNDIRealm open
> WARNING: Exception performing authentication
> javax.naming.CommunicationException: localhost:389 [Root exception is
> java.net.ConnectException: Connection refused: connect]
> at com.sun.jndi.ldap.Connection.<init>(Unknown Source)
>

Does the authentication fail at the time of this warning? It may
happen that the connection is finished on the ldap server when tomcat
tries to authenticate the user, but tomcat should retry anyway after
this message (which has an INFO level in recents versions)

> I am not connecting to local host so I don't understand the message. None
> of the other files in conf have been touched.
>
> I tried searching and found lots of references but no real solutions.
>
>  <Engine name="Catalina" defaultHost="localhost">
>        <Host name="localhost"  appBase="webapps" unpackWARs="true"
> autoDeploy="true">
>  <Realm className="org.apache.catalina.realm.JNDIRealm">
>  debug="99"
>  connectionName="cn=xxx,o=mitelinternet"
>  connectionPassword="xxx"
>  connectionURL="ldap://ottedev02.mitel.com:389";
>  alternateURL="ldap://ottedev02.mitel.com:389";
>  userPattern="uid={0},o=mitelinternet"
>  roleBase="o=mitelinternet"
>  roleSubtree="true"
>  roleSearch="(member={0})"
>  roleName="cn"
>  </Realm>
>

Is it really the definition that you have in server.xml or is a typo?
As it is written, the Realm has no attribute which may explain the
localhost in the message (default in JNDI).

May be you meant :
.
>  <Realm className="org.apache.catalina.realm.JNDIRealm"
>  debug="99"
>  connectionName="cn=xxx,o=mitelinternet"
>  connectionPassword="xxx"
>  connectionURL="ldap://ottedev02.mitel.com:389";
>  alternateURL="ldap://ottedev02.mitel.com:389";
>  userPattern="uid={0},o=mitelinternet"
>  roleBase="o=mitelinternet"
>  roleSubtree="true"
>  roleSearch="(member={0})"
>  roleName="cn">
>  </Realm>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to