Hi,
Thanks Stu. When I tried it out using Java, it's working fine. The authentication is done. But I am unable to do any operation on the directory. Here's the code snippet.
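import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;

// Bind to the directory with the user's own credentials
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://mycompany.com");
env.put(Context.SECURITY_PRINCIPAL, "domainName\\visu");
env.put(Context.SECURITY_CREDENTIALS, "XXXXXXX");
// Throws a NamingException if the bind is rejected
DirContext ctx = new InitialDirContext(env);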
When configuring in JNDI Realm, it's connecting but unable to authenticate.
Here's the code snippet of web.xml.
<security-constraint>
  <display-name>Example Security Constraint</display-name>
  <web-resource-collection>
    <web-resource-name>Protected Area</web-resource-name>
    <!-- Define the context-relative URL(s) to be protected -->
    <url-pattern>/*</url-pattern>
    <!-- If you list http methods, only those methods are protected -->
    <http-method>DELETE</http-method>
    <http-method>GET</http-method>
    <http-method>POST</http-method>
    <http-method>PUT</http-method>
  </web-resource-collection>
  <auth-constraint/>
</security-constraint>
<login-config>
  <auth-method>BASIC</auth-method>
  <realm-name>org.apache.catalina.realm.JNDIRealm</realm-name>
</login-config>
server.xml
<Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"
       connectionURL="ldap://myCompany:389/dc=domainName,dc=com"
       alternateURL="ldap://myCompany:389/dc=domainName,dc=com"
       userBase="ou=domainName,dc=domainName,dc=com"
       userSearch="(UID={0})"
       userSubtree="true"
/>
Here's the error log.
2006-11-09 12:58:08 JNDIRealm[Catalina]: Connecting to URL ldap://myCompany:389/dc=domainName,dc=com
2006-11-09 12:58:08 JNDIRealm[Catalina]: Searching for domainName\visu
2006-11-09 12:58:08 JNDIRealm[Catalina]: base: ou=domainName,dc=domainName,dc=com filter: (UID=domainName\visu)
2006-11-09 12:58:08 JNDIRealm[Catalina]: Exception performing authentication
javax.naming.NamingException: [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece ]; remaining name 'ou=domainName,dc=domainName,dc=com'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3028)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2934)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2740)
at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1811)
at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1734)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:368)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:328)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:313)
at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:238)
at org.apache.catalina.realm.JNDIRealm.getUserBySearch(JNDIRealm.java:1047)
at org.apache.catalina.realm.JNDIRealm.getUser(JNDIRealm.java:940)
at org.apache.catalina.realm.JNDIRealm.authenticate(JNDIRealm.java:889)
at org.apache.catalina.realm.JNDIRealm.authenticate(JNDIRealm.java:782)
at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:129)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929)
at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:793)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:702)
at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:571)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:644)
at java.lang.Thread.run(Thread.java:534)
I couldn't get appropriate feedback from my admin. Where is the file located that contains the Active Directory usernames, and what will be the name of it? We are using Windows 2003.
Thanks in advance,
Visu
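
The error in the log above is raised by the search step, before any password is checked: the directory refuses to search on a connection that has not bound. As an added example (not part of the original message, and not Tomcat's own code), this is the bind, search, re-bind sequence a search-based LDAP login performs, using JNDI. The class name, the service-account DN passed as the first argument, the environment variable names LDAP_SVC_PW and LDAP_USER_PW, and the use of sAMAccountName as the Active Directory login attribute are assumptions; the URL and search base are the ones from the server.xml above, and a reachable directory is assumed.

```java
import java.util.Hashtable;
import javax.naming.*;
import javax.naming.directory.*;

public class BindSearchBind {
    static final String URL = "ldap://myCompany:389";                     // host from the post's server.xml
    static final String USER_BASE = "ou=domainName,dc=domainName,dc=com"; // userBase from the post

    static DirContext bind(String principal, String password) throws NamingException {
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, URL);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, principal);
        env.put(Context.SECURITY_CREDENTIALS, password);
        return new InitialDirContext(env);
    }

    /** Returns the user's DN when the password is accepted, otherwise null. */
    static String authenticate(String svcDn, String svcPw, String login, String password)
            throws NamingException {
        // An empty password turns a simple bind into an unauthenticated bind
        // (RFC 4513), which a server may accept; never treat it as a login.
        if (password == null || password.isEmpty()) return null;
        // Drop a leading "domainName\" prefix so only the account name is searched for
        String account = login.substring(login.indexOf('\\') + 1);
        DirContext svc = bind(svcDn, svcPw); // 1. bind first, so the search is allowed
        String userDn;
        try {
            SearchControls sc = new SearchControls();
            sc.setSearchScope(SearchControls.SUBTREE_SCOPE); // same as userSubtree="true"
            // 2. JNDI substitutes {0} with filter escaping applied, so '\', '*',
            //    '(' and ')' in the login cannot change the filter's structure.
            NamingEnumeration<SearchResult> hits =
                svc.search(USER_BASE, "(sAMAccountName={0})", new Object[] { account }, sc);
            if (!hits.hasMore()) return null;          // unknown user
            userDn = hits.next().getNameInNamespace();
            if (hits.hasMore()) return null;           // ambiguous match: refuse
        } finally { svc.close(); }
        try {
            bind(userDn, password).close(); // 3. re-bind as the user to check the password
            return userDn;
        } catch (AuthenticationException e) {
            return null;                    // wrong password, or account disabled or locked
        }
    }

    public static void main(String[] args) throws NamingException {
        // args[0] = service-account DN (placeholder), args[1] = login name to check
        System.out.println(authenticate(args[0], System.getenv("LDAP_SVC_PW"),
                                        args[1], System.getenv("LDAP_USER_PW")));
    }
}
```

A simple bind over ldap:// sends both passwords in clear text, so where the directory offers it, an ldaps:// URL is the safer choice for PROVIDER_URL.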