
Re: OpenLDAP 1.2 and Iplanet 4.1 Web server



I just realized that if I point my Netscape Enterprise
Server 3.6 at my Linux LDAP 1.2 server, I can
authenticate against it.  However, if I use Iplanet
4.1 web server, I can not authenticate.  I always get
an 'access denied' type of message as described below.

Has anyone seen differences like this between the
older Netscape Enterprise servers and the new
(improved?) Iplanet web servers?


> This question is specifically for anyone using LDAP with Iplanet web
> servers.
>
> I have an LDAP 1.2 server running on a Linux box.  I can see all the
> users from the Iplanet webserver when I use the "manage users" screens.
> I can even ADD users to my LDAP server from the Iplanet admin server.
> The users populate LDAP correctly.
> My problem is 'restricting access' to certain directories on the web
> server.  I set up the ACL to 'deny all', then 'allow authenticated
> people only'.  I have it set to allow "All in the authentication
> database"
> Authentication Methods: Default
> Authentication Database: Default
>   ( I also tried the Default LDAP as well)
> 
> But, I always get 'access denied', as if I can't authenticate.  In the
> web server 'error' log I see the following:
>
> [09/May/2001:17:39:47] security (14441): [NSACL4330] ACL_GetAttribute: attr getter failed to get user
>         [NSACL4330] ACL_GetAttribute: attr getter failed to get isvalid-password
>         [NSACL5860] ldap password check: LDAP error: "ldaputil internal error"
> [09/May/2001:17:39:47] security (14441): for host 192.168.77.26 trying to GET /index.html, acl-state reports: access of /space/iplanet/naldn/index.html denied by ACL default directive 2
> [09/May/2001:17:39:47] security (14441): for host 192.168.77.26 trying to GET /index.html, acl-state reports: access of /space/iplanet/naldn/index.html denied because evaluation of ACL default directive 2 failed
> 
> It's so odd to me, because I know I'm talking to the LDAP and I am even
> able to MODIFY/ADD to the database from the web server.
> 
> Any help at all would be greatly appreciated.

