It's all about the answers!

Ask a question

LDAP auth again...


Mark Martin (4811815) | asked Jan 30 '08, 4:29 p.m.
I have a Jazz server set up with WAS and LDAP authentication using a bluegroup. The WAS security setup seems to be correct. If I give it a wrong pw, it returns me to the login prompt, or use an account not in the bluegoup it returns a forbidden message. The problem I have is after the login. Using my own account, I get an unauthorized message even though my account does exist in Jazz. However, I created an account in Jazz for a functional bluepage id, and that account works just fine. I have added some other real accounts, and they get the same unauthorized message I do. Any suggestions?

4 answers



permanent link
Christophe Elek (2.9k13021) | answered Jan 30 '08, 4:29 p.m.
JAZZ DEVELOPER
lauzon@us.ibm-dot-com.no-spam.invalid (shawnlauzon) wrote in news:fnqsfr
$msd$2@localhost.localdomain:

I don't understand your scenario: when exactly do you get the
unauthorized message? And what exactly does it look like: is it a
popup window? If so, I HAVE seen that before -- clearing cookies and
restarting my browser generally makes it worse, but in your case it
seems more widespread.

Am I correct in understanding that NO ONE is able to log in since you
got LDAP working?

Also, make sure you're going to https://localhost:9443 (note the
"s").

I also seem to remember a discussion somewhere in the forum which says
you need to modify web.xml and change it to basic (rather than form)
authentication when using WAS/LDAP; you might want to try that out.



Worked with Martin on the phone
Opened 43077 to describe the problem

When connecting Martin gets an Unathorized purple banner at the top of the
admin UI.
Seems to me the LDAP works fine, the user is found in the database, yet
something went wrong

we checked the mapping and we checked the roles in the DB... no obvious
difference
I found nothing in the log (which worries me :) So I opened a work item :)

--
Christophe Elek
Serviceability Architect
IBM Software Group - Rational

permanent link
Shawn Lauzon (38174) | answered Jan 30 '08, 5:03 p.m.
I don't understand your scenario: when exactly do you get the unauthorized message? And what exactly does it look like: is it a popup window? If so, I HAVE seen that before -- clearing cookies and restarting my browser generally makes it worse, but in your case it seems more widespread.

Am I correct in understanding that NO ONE is able to log in since you got LDAP working?

Also, make sure you're going to https://localhost:9443 (note the "s").

I also seem to remember a discussion somewhere in the forum which says you need to modify web.xml and change it to basic (rather than form) authentication when using WAS/LDAP; you might want to try that out.

permanent link
yu wang (48816245) | answered Feb 15 '08, 1:58 a.m.
Hi Christophe Elek ,
I will install RTC with ITDS(LDAP)/WAS/DB2.
Can you provide a docs about LDAP/WAS.

permanent link
Christophe Elek (2.9k13021) | answered Feb 15 '08, 4:43 a.m.
JAZZ DEVELOPER
wangwyu@cn.ibm-dot-com.no-spam.invalid (openeis) wrote in news:fp3do5$moa$1
@localhost.localdomain:

Hi Christophe Elek ,
I will install RTC with ITDS(LDAP)/WAS/DB2.
Can you provide a docs about LDAP/WAS.

I sent the doc to the email address

--
Christophe Elek
Serviceability Architect
IBM Software Group - Rational

Your answer


Register or to post your answer.


Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.