Savitha, you forgot to mention what problem you were having.

Anyway, in your realm specification, for the connectionName you need
to specify the actual name of the user (i.e. admin) that is able to
log into the LDAP to do the lookup that you are interested in.
connectionPassword is the password for that user/admin.

Rudy


On Tue, Sep 13, 2011 at 11:20 AM, Savitha Akella
<savitha.saraswa...@gmail.com> wrote:
> Hi,
>
> I need help in configuring the JNDI Realm to connect to LDAP Server and
> authenticate users. Here are the details:
>
> CN=<AUTH>,OU=XYZ,OU=Application Managed,OU=Groups,DC=rma,DC=corp,DC=ABC,DC=com
> - AUTH is the group in which I have to search whether the user is a member
> or not. All the members in this group are defined in
> OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com
>
> This group has members who are defined in
> CN=<User>,OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com
>
> I have set my JNDIRealm tag in server.xml as follows:
> <Realm className="org.apache.catalina.realm.JNDIRealm"
>        connectionName="CN=123,OU=Serv-Accts,OU=PAS,OU=Resrc,DC=rma,DC=corp,DC=ABC,DC=com"
>        connectionPassword="pwd"
>        connectionURL="ldap://<hostname:port" debug="99"
>        roleBase="OU=XYZ,OU=Application Managed,OU=Groups,DC=rma,DC=corp,DC=ABC,DC=com"
>        roleSubtree="true"
>        roleName="cn"
>        roleSearch="CN=<AUTH>,OU=XYZ,OU=Application Managed,OU=Groups,DC=rma,DC=corp,DC=ABC,DC=com"
>        userBase="OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com"
>        userSubtree="true"
>        userPattern="CN={0},OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com"/>
>
>
> The web.xml is as follows:
>
>   <security-constraint>
>   <display-name>Security Constraint</display-name>
>   <web-resource-collection>
>      <web-resource-name>Protected Area</web-resource-name>
>      <!-- Define the context-relative URL(s) to be protected -->
>      <url-pattern>/*</url-pattern>
>      <!-- If you list http methods, only those methods are protected -->
>   </web-resource-collection>
>   <auth-constraint>
>      <!-- Anyone with one of the listed roles may access this area -->
>      <role-name>AUTH</role-name>
>   </auth-constraint>
> </security-constraint>
> <!-- Default login configuration uses form-based authentication -->
> <login-config>
>   <auth-method>FORM</auth-method>
>   <realm-name>Form-Based Authentication Area</realm-name>
>     <form-login-config>
>     <form-login-page>/Login.jsp</form-login-page>
>
>     <form-error-page>/error.jsp</form-error-page>
>   </form-login-config>
> </login-config>
> <!-- Security roles referenced by this web application -->
> <security-role>
>   <role-name>AUTH</role-name>
> </security-role>
>
>
> Any help is appreciated.
>
> Thanks,
> Savitha
>
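
An added example, not part of either message and not the Tomcat project's own configuration: a JNDIRealm element showing how the service-account bind described in the reply fits with the user and role lookups. JNDIRealm treats roleSearch as an LDAP filter in which {0} is replaced by the authenticated user's DN. The host name, the password placeholder and the use of the `member` attribute for group membership are assumptions.

```xml
<!--
  Added example. Assumptions (not from the thread):
    - ldap.example.com:636 is a constructed host; ldaps:// keeps the
      service-account password and the users' passwords off the wire in clear text.
    - CHANGE_ME is a placeholder for the service-account password.
    - Group entries list their members by DN in the "member" attribute.

  connectionName / connectionPassword: the account Tomcat binds as to run
  the directory searches (the point made in the reply above).
  userPattern: builds the user's DN directly from the login name, so
  userBase / userSubtree / userSearch are not needed alongside it.
  roleBase + roleSubtree: where group entries are searched.
  roleSearch: filter selecting the groups that contain the user's DN ({0}).
  roleName: attribute of each matching group used as the role name, so a
  group whose cn is AUTH yields the role AUTH referenced in web.xml.
-->
<Realm className="org.apache.catalina.realm.JNDIRealm"
       connectionURL="ldaps://ldap.example.com:636"
       connectionName="CN=123,OU=Serv-Accts,OU=PAS,OU=Resrc,DC=rma,DC=corp,DC=ABC,DC=com"
       connectionPassword="CHANGE_ME"
       userPattern="CN={0},OU=Workers,DC=rma,DC=corp,DC=ABC,DC=com"
       roleBase="OU=XYZ,OU=Application Managed,OU=Groups,DC=rma,DC=corp,DC=ABC,DC=com"
       roleSubtree="true"
       roleName="cn"
       roleSearch="(member={0})"/>
```

The service account only needs read access to the user and group subtrees; server.xml holds its password in plain text, so restrict the file's permissions to the account that runs Tomcat.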
