Hello
can we please see the statements leading up to NameParser.parse() method call are you able to ldapsearch using DC and OU parameters without CN? M- This e-mail communication and any attachments may contain confidential and privileged information for the use of the designated recipients named above. If you are not the intended recipient, you are hereby notified that you have received this communication in error and that any review, disclosure, dissemination, distribution or copying of it or its contents ----- Original Message ----- From: <[EMAIL PROTECTED]> To: <users@tomcat.apache.org> Sent: Tuesday, October 31, 2006 7:00 AM Subject: JNDIRealm exception > Problem with JNDIRealm > > > > I successfully authenticate my users against active Directory > (single domain). But now I have a setup with trusted domains and the > authentication fails with the following exception. > > Everything is working fine if my user is in the domain ar-net.ch. > > Now I want to authenticate a user in the Domain teufen.ar-net.ch. > As I see with Ethereal, referrals are followed and the user is found. > But the user is not authenticated and the log shows the following > exception. > > Tomcat server is 5.5.15 and java is 1.5.0_06 > > > > Thank you for any clue > > > > > > Exception performing authentication > > javax.naming.InvalidNameException: Invalid name: ldap: > > at javax.naming.ldap.Rfc2253Parser.doParse(Unknown > Source) > > at javax.naming.ldap.Rfc2253Parser.parseDn(Unknown > Source) > > at javax.naming.ldap.LdapName.parse(Unknown Source) > > at javax.naming.ldap.LdapName.<init>(Unknown Source) > > at com.sun.jndi.ldap.LdapNameParser.parse(Unknown > Source) > > at org.apache.catalina.realm.JNDIRealm.getUserBySearch > (JNDIRealm.java:1079) > > at org.apache.catalina.realm.JNDIRealm.getUser > (JNDIRealm.java:958) > > at org.apache.catalina.realm.JNDIRealm.authenticate > (JNDIRealm.java:907) > > at org.apache.catalina.realm.JNDIRealm.authenticate > (JNDIRealm.java:808) > > at org.apache.catalina.authenticator.FormAuthenticator. > authenticate(FormAuthenticator.java:257) > > at org.apache.catalina.authenticator.AuthenticatorBase. > invoke(AuthenticatorBase.java:416) > > at org.apache.catalina.core.StandardHostValve.invoke > (StandardHostValve.java:126) > > at org.apache.catalina.valves.ErrorReportValve.invoke > (ErrorReportValve.java:105) > > at org.apache.catalina.core.StandardEngineValve.invoke > (StandardEngineValve.java:107) > > at org.apache.catalina.connector.CoyoteAdapter.service > (CoyoteAdapter.java:148) > > at org.apache.coyote.http11.Http11Processor.process > (Http11Processor.java:869) > > at org.apache.coyote.http11. > Http11BaseProtocol$Http11ConnectionHandler.processConnection > (Http11BaseProtocol.java:667) > > at org.apache.tomcat.util.net.PoolTcpEndpoint. > processSocket(PoolTcpEndpoint.java:527) > > at org.apache.tomcat.util.net. > LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80) > > at org.apache.tomcat.util.threads. > ThreadPool$ControlRunnable.run(ThreadPool.java:684) > > at java.lang.Thread.run(Unknown Source) > > 31.10.2006 08:57:59 org.apache.catalina.realm.JNDIRealm close > > > > Here is the config? > > > > <Realm name="myrealm" > > className="org.apache.catalina.realm.JNDIRealm" debug="99" > > connectionName="CN=dasquery,OU=Herisau-AR-NET,DC=ar-net,DC=ch" > > connectionPassword="not public" > > connectionURL="ldap://s1.ar-net.ch:389"; > > userBase="DC=ar-net,DC=ch" > > userSubtree="true" > > userSearch="userPrincipalName= > {0}" > > roleName="cn" > > roleSearch="(member={0})" > > roleBase="OU=DASGROUPS,OU=Herisau-AR-NET,DC=ar-net,DC=ch" > > referrals="follow" > > /> > > > > --------------------------------------------------------------------- > To start a new topic, e-mail: users@tomcat.apache.org > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >
