Thanks for your reply.
1. Apache Tomcat version is 5.5.15.
2. Below is from the log file.
Jan 19, 2011 3:29:26 PM org.apache.catalina.realm.JNDIRealm authenticate
SEVERE: Exception performing authentication
javax.naming.PartialResultException [Root exception is javax.naming.CommunicationException: DomainDnsZones.emp.alverno.edu:389 [Root exception is java.net.UnknownHostException: DomainDnsZones.emp.alverno.edu]]
    at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImpl(LdapNamingEnumeration.java:224)
    at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreReferrals(LdapNamingEnumeration.java:362)
    at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImpl(LdapNamingEnumeration.java:208)
    at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreReferrals(LdapNamingEnumeration.java:362)
    at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImpl(LdapNamingEnumeration.java:208)
    at com.sun.jndi.ldap.LdapNamingEnumeration.hasMore(LdapNamingEnumeration.java:171)
    at org.apache.catalina.realm.JNDIRealm.getUserBySearch(JNDIRealm.java:1067)
    at org.apache.catalina.realm.JNDIRealm.getUser(JNDIRealm.java:958)
    at org.apache.catalina.realm.JNDIRealm.authenticate(JNDIRealm.java:907)
    at org.apache.catalina.realm.JNDIRealm.authenticate(JNDIRealm.java:808)
    at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:257)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:416)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
    at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:199)
    at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:282)
    at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:754)
    at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:684)
    at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:876)
    at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
    at java.lang.Thread.run(Thread.java:595)
Caused by: javax.naming.CommunicationException: DomainDnsZones.emp.alverno.edu:389 [Root exception is java.net.UnknownHostException: DomainDnsZones.emp.alverno.edu]
    at com.sun.jndi.ldap.LdapReferralContext.<init>(LdapReferralContext.java:74)
    at com.sun.jndi.ldap.LdapReferralException.getReferralContext(LdapReferralException.java:132)
    at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreReferrals(LdapNamingEnumeration.java:339)
    at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImpl(LdapNamingEnumeration.java:208)
    ... 22 more
Caused by: java.net.UnknownHostException: DomainDnsZones.emp.alverno.edu
    at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:177)
    at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:366)
    at java.net.Socket.connect(Socket.java:519)
    at java.net.Socket.connect(Socket.java:469)
    at java.net.Socket.<init>(Socket.java:366)
    at java.net.Socket.<init>(Socket.java:179)
    at com.sun.jndi.ldap.Connection.createSocket(Connection.java:346)
    at com.sun.jndi.ldap.Connection.<init>(Connection.java:181)
    at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:118)
    at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1578)
    at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2596)
    at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:283)
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
    at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:134)
    at com.sun.jndi.url.ldap.ldapURLContextFactory.getObjectInstance(ldapURLContextFactory.java:35)
    at javax.naming.spi.NamingManager.getURLObject(NamingManager.java:584)
    at javax.naming.spi.NamingManager.processURL(NamingManager.java:364)
    at javax.naming.spi.NamingManager.processURLAddrs(NamingManager.java:344)
    at javax.naming.spi.NamingManager.getObjectInstance(NamingManager.java:316)
    at com.sun.jndi.ldap.LdapReferralContext.<init>(LdapReferralContext.java:93)
    ... 25 more
However, [email protected] will be valid when the Windows server is 2003.
3. I haven't tested the query independently of Tomcat. I don't know how. If you
have the instructions, it will be very helpful.
Thanks again,
Jill
-----Original Message-----
From: Christopher Schultz [mailto:[email protected]]
Sent: Wednesday, January 19, 2011 4:45 PM
To: Tomcat Users List
Subject: Re: how to configue tomcat ldap 2008
Jill,
On 1/19/2011 4:56 PM, Jill Han wrote:
> Here is the snippet of server.xml
>
> <Realm className="org.apache.catalina.realm.JNDIRealm"
> debug="99"
debug isn't a valid attribute on any supported version of Tomcat. What
version are you using?
> connectionName="[email protected]"
> connectionPassword="userPass"
> connectionURL="ldap://some.college.edu:389"
So these credentials still work in the new installation?
> referrals="follow"
> userBase="dc=some,dc=college,dc=edu"
> userSearch="(sAMAccountName={0})"
> userRoleName="memberof"
> roleBase="dc=some,dc=college,dc=edu"
> roleName="cn"
> roleSearch="(uniqueMember={0})"
> userSubtree="true"
> roleSubtree="false"
Have you tested your query independently of Tomcat to see if it matches
anything?
> It is working on 2003 server. However when the server is upgraded to
> Windows 2008, it is not working anymore.
>
> Any suggestions?
What do the log files say?
-chris
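One way to run the realm's user search outside Tomcat, as an added example that is not part of the original thread: a small JNDI client that performs the same bind and sAMAccountName search, with the referral mode selectable. The class name LdapSearchCheck, the LDAP_BIND_PW environment variable and the argument order are assumptions of this example.

```java
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.PartialResultException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

// Added example: repeats the realm's bind and user search outside Tomcat.
// Usage (argument order and variable name are assumptions of this example):
//   LDAP_BIND_PW=... java LdapSearchCheck <url> <bindName> <userBase> <login> <follow|ignore>
public class LdapSearchCheck {
    public static void main(String[] args) throws NamingException {
        String pw = System.getenv("LDAP_BIND_PW");
        if (args.length != 5 || pw == null) {
            System.err.println("usage: LdapSearchCheck <url> <bindName> <userBase> <login> <follow|ignore>");
            System.exit(2);
        }
        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, args[0]);             // connectionURL
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, args[1]);       // connectionName
        // The password comes from the environment, keeping it off the command line and out of shell history.
        env.put(Context.SECURITY_CREDENTIALS, pw);          // connectionPassword
        env.put(Context.REFERRAL, args[4]);                 // referrals
        SearchControls sc = new SearchControls();
        sc.setSearchScope(SearchControls.SUBTREE_SCOPE);    // userSubtree="true"
        DirContext ctx = new InitialDirContext(env);        // a failed connect or bind throws here
        int hits = 0;
        try {
            // {0} is substituted from the argument array; JNDI escapes filter metacharacters in it.
            NamingEnumeration<SearchResult> results =
                ctx.search(args[2], "(sAMAccountName={0})", new Object[] { args[3] }, sc);
            while (results.hasMore()) {                     // referrals are processed inside hasMore()
                System.out.println("match: " + results.next().getNameInNamespace());
                hits++;
            }
        } catch (PartialResultException e) {
            // Same exception type as in the log above: a referral could not be processed.
            System.out.println("partial result after " + hits + " match(es): " + e);
        } finally {
            ctx.close();
        }
        System.out.println(hits + " entr" + (hits == 1 ? "y" : "ies") + " matched");
    }
}
```

Run it once with "follow" and once with "ignore" against the same userBase. If the account is listed before the partial-result message, the credentials and filter are working and the failure is in referral handling.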