Java Mailing List Archive

http://www.junlu.com/


Configuring Tomcat to Authenticate with Active Directory

Deepan Chakravarthy

2007-01-28


Hi All,
I am trying to configure one of my applications deployed on Tomcat to
authenticate with Active Directory. I have configured web.xml and
server.xml as below, and I am using the Basic mode of authentication.

Observation:
When I enter the wrong username and password, Tomcat prompts me to
enter the username and password again. But when I enter the correct
username and password, Tomcat directs me to an access denied page.

The following ldapsearch command works fine.

ldapsearch -x -k -h 172.168.1.1 -W -D "cn=user00,cn=Users,dc=gs,dc=novaglobal,dc=com,dc=sg"




    web.xml
    -------------------------------------------------------------------------------------------------
     
      <servlet>
          <servlet-name>jsp</servlet-name>
          <servlet-class>org.apache.jasper.servlet.JspServlet</servlet-class>
          <init-param>
            <param-name>fork</param-name>
            <param-value>false</param-value>
          </init-param>
          <init-param>
            <param-name>xpoweredBy</param-name>
            <param-value>false</param-value>
          </init-param>
          <load-on-startup>3</load-on-startup>
       </servlet>
     
     
     
    <security-constraint>
          <web-resource-collection>
               <web-resource-name>YourWebApp</web-resource-name>
               <description>accessible by authenticated users of the tomcat role</description>
               <url-pattern>/gridsphere/*</url-pattern>
               <http-method>GET</http-method>
               <http-method>POST</http-method>
               <http-method>PUT</http-method>
               <http-method>DELETE</http-method>
          </web-resource-collection>
          <auth-constraint>
               <description>These roles are allowed access</description>
               <role-name>member</role-name>
          </auth-constraint>
    </security-constraint>
     
    <login-config>
          <auth-method>BASIC</auth-method>
          <realm-name>GridSphere</realm-name>
    </login-config>
     
    <security-role>
          <description>Only 'tomcat' role is allowed to access this web application</description>
          <role-name>member</role-name>
    </security-role>
                       
     
    ------------------------------------------------------------------------------------------------------------------
     
     
    server.xml
     
     
     
     
    <Realm className="org.apache.catalina.realm.JNDIRealm"
    debug="99"
    connectionURL="ldap://172.168.1.1:389"
    connectionName="user00@(protected)"
    connectionPassword="xxxxx"
    referrals="follow"
    userBase="CN=Users,DC=gs,DC=novaglobal,DC=com,DC=sg"
    userSearch="(sAMAccountName={0})"
    userSubtree="true"
    roleBase="CN=Users,DC=gs,DC=novaglobal,DC=com,DC=sg"
    roleName="member"
    roleSubtree="true"
    roleSearch="(member={0})"
    />


--
-----------------------------------------------
Regards
Deepan Chakravarthy N
http://www.codeshepherd.com/
http://sudoku-solver.net/

I am a programmer by day,
I dig grave for other programmers by night.
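
An added example, not part of the original post and not Tomcat's code: a simplified Python model of how the roleSearch and roleName settings above become role names, and how those are checked against the <role-name> in web.xml. The directory contents and the group name portal-users are constructed assumptions; only the user DN is taken from the post.

```python
# Simplified model (not Tomcat code) of the role lookup a JNDIRealm-style realm
# performs once the user's password has been accepted.
USER_DN = "cn=user00,cn=Users,dc=gs,dc=novaglobal,dc=com,dc=sg"  # DN from the post

# Constructed directory: group entries under roleBase. "portal-users" is a
# hypothetical group name; the post does not say which groups exist.
GROUPS = [
    {"cn": ["portal-users"],
     "member": [USER_DN, "cn=user01,cn=Users,dc=gs,dc=novaglobal,dc=com,dc=sg"]},
    {"cn": ["admins"],
     "member": ["cn=Administrator,cn=Users,dc=gs,dc=novaglobal,dc=com,dc=sg"]},
]


def resolve_roles(groups, user_dn, role_name_attr):
    """Apply roleSearch="(member={0})" with {0} = user DN, then read the
    attribute named by roleName from every matching entry as the role names."""
    roles = []
    for entry in groups:
        members = {m.lower() for m in entry.get("member", [])}
        if user_dn.lower() in members:
            # Every value is kept here; whichever value a real realm picks,
            # it comes from this attribute.
            roles.extend(entry.get(role_name_attr, []))
    return roles


def http_status(password_ok, roles, required_role):
    """BASIC auth outcome for a URL protected by <auth-constraint>."""
    if not password_ok:
        return 401          # browser prompts for credentials again
    if required_role not in roles:
        return 403          # authenticated, but no matching role
    return 200


def evaluate(role_name_attr, required_role, password_ok=True):
    roles = resolve_roles(GROUPS, USER_DN, role_name_attr)
    return roles, http_status(password_ok, roles, required_role)


if __name__ == "__main__":
    # Settings as posted: roleName="member", <role-name>member</role-name>
    print(evaluate("member", "member"))
    # Role names taken from the group's cn, constraint naming that group
    print(evaluate("cn", "portal-users"))
    # Wrong password: re-prompt regardless of role settings
    print(evaluate("member", "member", password_ok=False))
```

In the model, roleName="member" yields member DNs as role names, so a constraint on the literal role member is never satisfied and a correct password ends in 403 rather than 401.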

