
OpenLDAP 1.2 and Iplanet 4.1 Web server



This question is specifically for anyone using LDAP
with Iplanet web servers.

I have an LDAP 1.2 server running on a Linux box.  I
can see all the users from the Iplanet webserver when
I use the "manage users" screens.  I can even ADD users
to my LDAP server from the Iplanet admin server.  The
users populate LDAP correctly.
My problem is 'restricting access' to certain
directories on the web server.  I set up the ACL to
'deny all', then 'allow authenticated people only'.
I have it set to allow "All in the authentication database".
Authentication Methods: Default
Authentication Database: Default
  (I also tried the Default LDAP as well)

But, I always get 'access denied', as if I can't
authenticate.  In the web server 'error' log I see the
following:

[09/May/2001:17:39:47] security (14441): [NSACL4330] ACL_GetAttribute: attr getter failed to get user
        [NSACL4330] ACL_GetAttribute: attr getter failed to get isvalid-password
        [NSACL5860] ldap password check: LDAP error: "ldaputil internal error"
[09/May/2001:17:39:47] security (14441): for host 192.168.77.26 trying to GET /index.html, acl-state reports: access of /space/iplanet/naldn/index.html denied by ACL default directive 2
[09/May/2001:17:39:47] security (14441): for host 192.168.77.26 trying to GET /index.html, acl-state reports: access of /space/iplanet/naldn/index.html denied because evaluation of ACL default directive 2 failed

It's so odd to me, because I know I'm talking to the
LDAP and I am even able to MODIFY/ADD to the database
from the web server.

Any help at all would be greatly appreciated.
