TOMCAT & LDAP --> Windows 2000 server

[Rejean]

Hi I configured my server.xml to connect to my ldap server, everything
is fine but my problem is that when it returns the role it send back
the fully qualified domain name.
here is my config in server.xml :

<Realm className="org.apache.catalina.realm.JNDIRealm"
debug="99"
connectionName="CN=USER,CN=Users,DC=test,DC=DOMAIN,DC=qc,DC=ca"
connectionPassword="PASSWORD"
connectionURL="ldap://MYSERVER:3268"
userBase="OU=TESTTRUST,DC=TESTTOTO,DC=DOMAIN,DC=qc,DC=ca"
userSearch="(sAMAccountName={0})"
userRoleName="memberOf"
roleBase="OU=TESTTRUST,DC=TESTTOTO,DC=DOMAIN,DC=qc,DC=ca"
roleName="cn"
roleSearch="(uniqueMember={0})"
roleSubtree="true"
userSubtree="true"
/>

Here is my log file :

2004-01-07 13:36:58 JNDIRealm[Standalone]: Connecting to URL
ldap://MYSERVER:3268
2004-01-07 13:37:07 JNDIRealm[Standalone]: Searching for USERNAME
2004-01-07 13:37:07 JNDIRealm[Standalone]: base:
OU=TestTRUST,DC=BURpreprod,DC=hydro,DC=qc,DC=ca filter:
(sAMAccountName=USERNAME)
2004-01-07 13:37:07 JNDIRealm[Standalone]: entry found for USERNAME
with dn CN=USERNAME,OU=TESTTRUST,DC=TESTTOTO,DC=DOMAIN,DC=qc,DC=ca
2004-01-07 13:37:07 JNDIRealm[Standalone]: retrieving values for
attribute memberOf
2004-01-07 13:37:07 JNDIRealm[Standalone]: validating credentials by
binding as the user
2004-01-07 13:37:07 JNDIRealm[Standalone]: binding as
CN=USERNAME,OU=TESTTRUST,DC=TESTTOTO,DC=DOMAIN,DC=qc,DC=ca
2004-01-07 13:37:08 JNDIRealm[Standalone]: Username USERNAME
successfully authenticated
2004-01-07 13:37:08 JNDIRealm[Standalone]:
getRoles(CN=USERNAME,OU=TESTTRUST,DC=TESTTOTO,DC=DOMAIN,DC=qc,DC=ca)
2004-01-07 13:37:08 JNDIRealm[Standalone]: Searching role base
'OU=TESTTRUST,DC=TESTTOTO,DC=DOMAIN,DC=qc,DC=ca' for attribute 'cn'
2004-01-07 13:37:08 JNDIRealm[Standalone]: With filter expression
'(uniqueMember=CN=USERNAME,OU=TESTTRUST,DC=TESTTOTO,DC=DOMAIN,DC=qc,DC=ca)'
2004-01-07 13:37:08 JNDIRealm[Standalone]: Returning 3 roles
2004-01-07 13:37:08 JNDIRealm[Standalone]: Found role
CN=manager,OU=Production,OU=MYCOMPANY,DC=test,DC=DOMAIN,DC=qc,DC=ca
2004-01-07 13:37:08 JNDIRealm[Standalone]: Found role
CN=HQCOP,OU=Production,OU=MYCOMPANY,DC=test,DC=DOMAIN,DC=qc,DC=ca
2004-01-07 13:37:08 JNDIRealm[Standalone]: Found role
CN=HQADMIN,OU=Production,OU=MYCOMPANY,DC=test,DC=DOMAIN,DC=qc,DC=ca
2004-01-07 13:37:08 JNDIRealm[Standalone]: Username USERNAME does NOT
have role manager

So my problem is the way they return the role ... I would only want to
have "manager" and not the fully name .. "CN=manager....OU..."

Thanks for the Help

Rejean

 

[Sudsy]

Rejean wrote:

So my problem is the way they return the role ... I would only want to
have "manager" and not the fully name .. "CN=manager....OU..."

Thanks for the Help

Rejean

'Tis not a problem at all. Why should "they" return the data in a non-
standard format? It's up to you to accept the data as provided according
to the specs and massage it as needs be. Parsing the string is hardly
rocket science...

 

[Rejean]

Rejean wrote:


'Tis not a problem at all. Why should "they" return the data in a non-
standard format? It's up to you to accept the data as provided according
to the specs and massage it as needs be. Parsing the string is hardly
rocket science...

OK .. Il will parse the string but it's because if using LDAP from NDS
it only return's the group name not the fully qualified... that's the
reasing of my question!

Thanks!