Hi,
I'm getting started with Tomcat's Realm authentication with LDAP. I've
performed the following steps to authenticate users in my web application:
- put ldap.jar in $TOMCAT_HOME/common/lib
- modified $TOMCAT_HOME/conf/server.xml as follows:
<Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"
       connectionURL="ldap://my_url:389"
       userPattern="uid={0},ou=People,o=company"
       roleBase="ou=People,o=company"
       roleName="cn"
       roleSearch="(uniqueMember={0})"
/>
I've put this Realm configuration within the <Host> element
- modified the web.xml of my web application to point it to the url.
Then when I try to authenticate I get a 403 error, so it seems like
authentication is OK but I don't have authorization to access the
resources.
Maybe the problem is because of the roles? Because I couldn't see the
roles on the LDAP server with an LDAP browser, although authentication on
it with the browser was successful, as well as the queries.
Is there a possibility to authenticate with no roles (I'm not sure what
to put within the <role-name> in web.xml, is this element mandatory?)?
Or how can we see the roles in the LDAP browser?
Note: I'm using Tomcat 5.5.17 and an OpenLDAP server.
Did I miss something in my process?
Any hints or suggestions are welcome.
Thanks.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
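Added example (not part of the original message, and not Tomcat's code): an offline Python model of how the JNDIRealm attributes in the post become a role list, and why an authenticated user with no matching role gets a 403. The directory entries, the ou=Groups branch and the "webusers" role are constructed assumptions; only the simple "(attr=value)" filter form is modelled.

```python
# Added example: offline model of JNDIRealm role lookup (sample data is constructed).
import re

DIRECTORY = [  # constructed entries, not taken from the poster's server
    {"dn": "uid=jdoe,ou=People,o=company", "uid": ["jdoe"], "cn": ["John Doe"]},
    {"dn": "cn=webusers,ou=Groups,o=company", "cn": ["webusers"],
     "uniqueMember": ["uid=jdoe,ou=People,o=company"]},
    {"dn": "cn=admins,ou=Groups,o=company", "cn": ["admins"],
     "uniqueMember": ["uid=root,ou=People,o=company"]},
]

def norm(dn):
    """Lower-case a DN and drop spaces around commas so DNs compare equal."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def one_level_children(base):
    """Entries directly below base (roleSubtree is false by default)."""
    wanted = norm(base)
    for entry in DIRECTORY:
        _rdn, _, parent = norm(entry["dn"]).partition(",")
        if parent == wanted:
            yield entry

def realm_roles(username, user_pattern, role_base, role_search, role_name):
    """Return the set of role names these realm settings yield for username."""
    user_dn = user_pattern.replace("{0}", username)   # userPattern -> user DN
    match = re.fullmatch(r"\((\w+)=(.*)\)", role_search)
    if not match:
        raise ValueError("only (attr=value) filters are modelled here")
    attr = match.group(1).lower()
    # In roleSearch, {0} is the user's DN and {1} is the bare username.
    value = norm(match.group(2).replace("{0}", user_dn).replace("{1}", username))
    roles = set()
    for entry in one_level_children(role_base):
        members = [norm(v) for key, vals in entry.items()
                   if key != "dn" and key.lower() == attr for v in vals]
        if value in members:
            roles.update(entry.get(role_name, []))    # roleName attribute value
    return roles

def status(roles, required):
    """403 when an authenticated user holds none of the <role-name> values."""
    return 200 if roles & set(required) else 403

if __name__ == "__main__":
    for base in ("ou=People,o=company", "ou=Groups,o=company"):
        r = realm_roles("jdoe", "uid={0},ou=People,o=company", base,
                        "(uniqueMember={0})", "cn")
        print(base, sorted(r), status(r, ["webusers"]))
```

In this constructed directory the search under ou=People finds no entry carrying uniqueMember, so the role set is empty and the request is refused with 403 even though the bind succeeded.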