JNDI Realm Configuration Review please
My Tomcat web application logs are telling me the user1 isn't in the specified mapped LDAP role/group coming from AD. I believe my issues lie with the JNDI Realm definition. Can someone review it please and see where I may be going wrong, I've included the DN information from AD as well:
My user1 account DN is
The role/group Users I have specified in the web.xml config is
My Realm configuration is
My user1 account DN is
DistinguishedName : CN=user1,OU=Users,OU=Lab,DC=example,DC=com
The role/group Users I have specified in the web.xml config is
DistinguishedName : CN=Users,CN=Builtin,DC=example,DC=com
My Realm configuration is
<Realm
className="org.apache.catalina.realm.JNDIRealm"
debug="99"
connectionURL="ldap://example.com:389"
authentication="simple"
referrals="follow"
connectionName="cn=administrator,cn=users,dc=example,dc=com"
connectionPassword="##########"
userSearch="(sAMAccountName={0})"
userBase="cn=users,dc=example,dc=com"
userSubtree="true"
userRoleName="memberOf"
roleSearch="(member={0})"
roleName="cn"
roleSubtree="true"
roleBase="cn=users,cn=builtin,dc=example,dc=com"/>
Do more with
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
This was the solution
<Realm
className="org.apache.cata
debug="99"
connectionURL="ldap://exam
authentication="simple"
referrals="follow"
connectionName="cn=adminis
connectionPassword="######
userSearch="(sAMAccountNam
userBase="dc=example,dc=co
userSubtree="true"
userRoleName="memberOf"
roleName="cn"
roleSubtree="true"/>
<Realm
className="org.apache.cata
debug="99"
connectionURL="ldap://exam
authentication="simple"
referrals="follow"
connectionName="cn=adminis
connectionPassword="######
userSearch="(sAMAccountNam
userBase="dc=example,dc=co
userSubtree="true"
userRoleName="memberOf"
roleName="cn"
roleSubtree="true"/>
Premium Content
You need an Expert Office subscription to comment.Start Free Trial