Hi, On Thu, 28 Oct 2010 21:50:15 +0200, "S.V." <svku...@googlemail.com> wrote: > Hi, > > i have tomcat 6.0.18 and configured it to use JNDIRealm for a specific That version is quite old. In newer versions you could try to add 'adCompat="true"' as documented on http://tomcat.apache.org/tomcat-6.0-doc/config/realm.html.
I don't know if my tip is going to work in your version though. > path: > > > <Realm className="org.apache.catalina.realm.JNDIRealm" > > test="89" I believe that this attribute "test" is useless. It is not documented at least. bye Felix > > connectionName="CN=tomcat,CN= > Users,DC=host,DC=de" > connectionPassword="***" > connectionURL="ldap://host:389/"; > > referrals="follow" > > userBase="DC=host,DC=de" > userRoleName="memberOf" > userSearch="(&(sAMAccountName={0})(objectClass=user))" > userSubtree="true" > /> > > <login-config> > <auth-method>BASIC</auth-method> > <realm-name>JNDIRealm</realm-name> > </login-config> > > > The problem is that sometimes it is working fine, > but sometimes Tomcat got an exception and users can not be authenticated, > because the connections to ldap (AD) timed out. > > 2010-10-28 15:53:08,592 ContainerBase.[Catalina] > ERROR [ttp-8443-1] - Exception performing authentication > javax.naming.PartialResultException [Root exception is > javax.naming.CommunicationException: host.de:389 [Root exception is > java.net.ConnectException: Connection timed out: connect]] > > > Have someone an idea or a hint to find out, why these connections are > timing > out sometimes? > > Thanks in advance --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
