stackoom
  简体   繁体   中英

LDAP tomcat JNDIRealm

 原文  2017-03-21 05:23:50       java/ tomcat/ ssl/ ldap

Question

I am using the below server.xml file to configure tomcat to use JNDIRealm to connect to ldap server.

However I keep getting error :

Caused by: javax.naming.CommunicationException: localhost:389 [Root exception is java.net.ConnectException: Connection refused: connect]

I am nowhere using localhost:389 if you see my connection url used host and 636 port. So what is it causing to connect to localhost:389.

Below is server.xml: 

<?xml version='1.0' encoding='utf-8'?>
<Server port="8005" shutdown="SHUTDOWN">
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
<Listener className="org.apache.catalina.core.JasperListener" />
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
<GlobalNamingResources>
<Resource name="UserDatabase" auth="Container"
          type="org.apache.catalina.UserDatabase"
          description="User database that can be updated and saved"
          factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
          pathname="conf/tomcat-users.xml" />
</GlobalNamingResources>
<Service name="Catalina">
<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" 
 SSLEnabled="true" maxThreads="150" scheme="https" secure="true" 
 keystoreFile="keystore_key.jks" keystoreType="JKS" 
 keystorePass="xxxxx" URIEncoding="UTF-8" clientAuth="false" sslProtocol="TLS" /> 
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
<Engine name="Catalina" defaultHost="localhost">    
<Realm className="org.apache.catalina.realm.JNDIRealm"
            connectionURL="ldap://mycomapny.org:636" 
            userSubtree="true"
            userBase="DC=test,DC=win,DC=user,DC=org" 
            userSearch="(&amp;(sAMAccountName={0})(objectcategory=user))"
            userRoleName="memberOf" 
            roleBase="DC=test,DC=win,DC=user,DC=org" 
            roleName="cn"
            roleSearch="(member={0})" 
            roleSubtree="true" 
            roleNested="true"/>
<Host name="localhost" appBase="webapps">
            <Context docBase="spnego" path="">
                <Valve className="org.apache.catalina.authenticator.SpnegoAuthenticator"
                    storeDelegatedCredential="true" />
            </Context>
        </Host>
</Engine>
</Service>
</Server>

1 answers

solution1
 0  2017-04-14 16:37:58

Did you try specifying ldaps in the connectionURL setting, ie connectionURL="ldaps://mycompany.org:636"

port 389 is for a non-secure connection

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to configure Custom JNDIRealm (added read timeout for LDAP) in Tomcat Server.xml Tomcat Windows Authentication: JNDIRealm doesn't use SPNEGO delegated credentials Java Tomcat LDAP authentication LDAP Authentication with JSF and Tomcat LDAP authentication for Tomcat - 403 error access JNDIRealm in JSP? tomcat jndi ldap userSearchAsUser not used Active Directory LDAP Authentication with Tomcat How to setup CAS with LDAP on tomcat.. NO ERROR Mapping Ldap groups to role of the application in tomcat
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM