I am using the below server.xml file to configure tomcat to use JNDIRealm to connect to ldap server.
However I keep getting error :
Caused by: javax.naming.CommunicationException: localhost:389 [Root exception is java.net.ConnectException: Connection refused: connect]
I am nowhere using localhost:389 if you see my connection url used host and 636 port. So what is it causing to connect to localhost:389.
Below is server.xml:
<?xml version='1.0' encoding='utf-8'?>
<Server port="8005" shutdown="SHUTDOWN">
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
<Listener className="org.apache.catalina.core.JasperListener" />
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
<GlobalNamingResources>
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml" />
</GlobalNamingResources>
<Service name="Catalina">
<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
SSLEnabled="true" maxThreads="150" scheme="https" secure="true"
keystoreFile="keystore_key.jks" keystoreType="JKS"
keystorePass="xxxxx" URIEncoding="UTF-8" clientAuth="false" sslProtocol="TLS" />
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
<Engine name="Catalina" defaultHost="localhost">
<Realm className="org.apache.catalina.realm.JNDIRealm"
connectionURL="ldap://mycomapny.org:636"
userSubtree="true"
userBase="DC=test,DC=win,DC=user,DC=org"
userSearch="(&(sAMAccountName={0})(objectcategory=user))"
userRoleName="memberOf"
roleBase="DC=test,DC=win,DC=user,DC=org"
roleName="cn"
roleSearch="(member={0})"
roleSubtree="true"
roleNested="true"/>
<Host name="localhost" appBase="webapps">
<Context docBase="spnego" path="">
<Valve className="org.apache.catalina.authenticator.SpnegoAuthenticator"
storeDelegatedCredential="true" />
</Context>
</Host>
</Engine>
</Service>
</Server>
Did you try specifying ldaps in the connectionURL setting, ie connectionURL="ldaps://mycompany.org:636"
port 389 is for a non-secure connection
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.