Tomcat must log in twice with LDAP

I changed our Tomcat 5.5.7 to use LDAP, and now users need to log in twice for it to work. The first time they try to log in, it says "Invalid username or password." After they successfully log in the second time, users can log out and log back in on the first try. This resets after an hour, and then users need to log in twice again. During this hour, users are able to log into the system on the first try from any PC, but after an hour of inactivity someone has to log into the system twice.

I saw several other posts about this, but not many provided a solution, and those that did could not solve my problem.

Here is my Realm configuration:

<Realm className="org.apache.catalina.realm.JNDIRealm"
            connectionURL="ldap://company.com:3268/"
            authentication="simple"
            referrals="follow"
            connectionName="CN=account,OU=Service Accounts,OU=company,DC=company,DC=com"
            connectionPassword="xxxx"
            connectionTimeout="30000"
            userSearch="(sAMAccountName={0})"
            userBase="DC=company,DC=com"
            userSubtree="true"
            roleSearch="(member={0})"
            roleName="cn"
            roleSubtree="true"
            roleBase="DC=company,DC=com"
    />

Source: https://habr.com/ru/post/1656977/

