Message-
From: Mark Thomas
Sent: Tuesday, October 8, 2019 1:01 PM
To: users@tomcat.apache.org
Subject: Re: Tomcat 7 HTTPS and LDAP authentication issue
On 08/10/2019 19:52, John Beaulaurier -X (jbeaulau - ADVANCED NETWORK
INFORMATION INC at Cisco) wrote:
> Hi Mark,
>
> How are you config
SSLProtocol="all" />
>
> How are you configuring TLS for LDAP?
>
> Do you mean inside Tomcat?
Yes. Or is the authentication happening in httpd?
Mark
>
> Thanks
> -John
>
> -Original Message-
> From: Mark Thomas
> Sent: Tuesday, Octob
Hi Mark,
How are you configuring TLS for the Connector?
How are you configuring TLS for LDAP?
Do you mean inside Tomcat?
Thanks
-John
-Original Message-
From: Mark Thomas
Sent: Tuesday, October 8, 2019 11:07 AM
To: users@tomcat.apache.org
Subject: Re: Tomcat 7 HTTPS and LDAP
On 08/10/2019 18:55, John Beaulaurier -X (jbeaulau - ADVANCED NETWORK
INFORMATION INC at Cisco) wrote:
> Hello,
>
> We have an application running on Tomcat 7.0.96. The application handles
> authentication by accessing an internal LDAPS host by using credentials, a
> keystore, and the
> LDAPS ho
Hello,
We have an application running on Tomcat 7.0.96. The application handles
authentication by accessing an internal LDAPS host by using credentials, a
keystore, and the
LDAPS hostname and port from an external file from the application and from
Tomcat. This works with no issues, until I ena
catalina.realm.JNDIRealm" debug="99"
>> connectionURL="ldap:// " connectionName="ldap@company "
>> connectionPassword="password" referrals="follow"
>> userBase="DC=" userSearch="(sAMAccountName={0})"
>>
On 27.03.2017 13:07, Alfie Patolilic wrote:
-Original Message-
From: André Warnier (tomcat) [mailto:a...@ice-sa.com]
Sent: 27 March 2017 11:12
To: users@tomcat.apache.org
Subject: Re: LDAP authentication for Tomcat's webapp 'Opengrok'
On 27.03.2017 11:01, Alfie Patolilic
-Original Message-
From: André Warnier (tomcat) [mailto:a...@ice-sa.com]
Sent: 27 March 2017 11:12
To: users@tomcat.apache.org
Subject: Re: LDAP authentication for Tomcat's webapp 'Opengrok'
On 27.03.2017 11:01, Alfie Patolilic wrote:
> Tomcat Version : 6.0.36
> OS
On 27.03.2017 11:01, Alfie Patolilic wrote:
Tomcat Version : 6.0.36
OS : Red Hat Enterprise Linux 7.3
Hello,
I have a question on how I am able to set the following, regarding the web
application that runs under Apache Tomcat, 'Opengrok'. The idea is to set a
hostname for 'localhost:8080/grok
Tomcat Version : 6.0.36
OS : Red Hat Enterprise Linux 7.3
Hello,
I have a question on how I am able to set the following, regarding the web
application that runs under Apache Tomcat, 'Opengrok'. The idea is to set a
hostname for 'localhost:8080/grok', so when users try and access the page via
Tomcat Version : 6.0.36
OS : Red Hat Enterprise Linux 7.3
Hello,
I have a question on how I am able to set the following, regarding the web
application that runs under Apache Tomcat, 'Opengrok'. The idea is to set a
hostname for 'localhost:8080/grok', so when users try and access the page via
Alfie Patolilic would like to recall the message, "LDAP authentication for
Tomcat's webapp 'Opengrok'".
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Alfie Patolilic would like to recall the message, "LDAP authentication for
Tomcat's webapp 'Opengrok'".
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Frédéric,
On 4/22/14, 4:15 PM, Frédéric Poliquin wrote:
>> When you say that you put a reverse proxy in front of Tomcat...
>> do you mean that you pushed the authentication out to the proxy
>> layer?
>
> Yes, I'm delegating everything to HTTPD usin
> When you say that you put a reverse proxy in front of Tomcat... do you mean
> that you pushed the authentication out to the proxy layer?
Yes, I'm delegating everything to HTTPD using an AJP connector.
> This means that if the user changes their password or the group-membership
> changes on th
On 4/22/2014 12:16 PM, Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Frédéric,
On 4/22/14, 12:38 PM, Frédéric Poliquin wrote:
Passwords are protected using standard SSL. Eventually, the plan
is to move towards OAuth 2.0 with a cookie/security token but until
then I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Frédéric,
On 4/22/14, 12:38 PM, Frédéric Poliquin wrote:
> Passwords are protected using standard SSL. Eventually, the plan
> is to move towards OAuth 2.0 with a cookie/security token but until
> then I needed a quick solution...
>
> For the other
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Frédéric,
On 4/22/14, 11:33 AM, Frédéric Poliquin wrote:
> << What if you disable authentication entirely as a test... do
> things speed-up?>> Answer is YES << Do you have a problem only
> under load or also when you are testing a single-user?>> Sin
to re-authenticate to AD/LDAP with every request, no ?
(I stand corrected, with the documentation Frédéric points to in a later post :
http://httpd.apache.org/docs/current/mod/mod_ldap.html#cache
httpd does cache the LDAP authentication information, independently of
sessions).
So that probably
igine-
De : Leo Donahue [mailto:donahu...@gmail.com]
Envoyé : 22 avril 2014 12:01
À : Tomcat Users List
Objet : Re: Stateless application is very slow using LDAP authentication
On Tue, Apr 22, 2014 at 8:48 AM, André Warnier wrote:
> Frédéric Poliquin wrote:
>
>> << What if you
On Tue, Apr 22, 2014 at 8:48 AM, André Warnier wrote:
> Frédéric Poliquin wrote:
>
>> << What if you disable authentication entirely as a test... do things
>> speed-up?>> Answer is YES
>> << Do you have a problem only under load or also when you are testing a
>> single-user?>> Single user
>>
>> W
e Server which solved my problem.
Maybe it could be a good new feature to add in future releases...
Can you explain how this solved your problem ?
If you are using Basic Authentication, without sessions, even httpd would need to
re-authenticate to AD/LDAP with every request, no ?
Maybe the AD/
<< What if you disable authentication entirely as a test... do things
speed-up?>> Answer is YES
<< Do you have a problem only under load or also when you are testing a
single-user?>> Single user
What I did is to put Tomcat behind an Apache Server which solved my problem.
Maybe it could be a goo
ain."
>
> Does Tomcat have a cache outside the http session? Is there a
> workaround to get one? Does Tomcat can be used as a simple file
> server with LDAP authentication?
>
> We are using Tomcat 7.0.53 with JDK 1.7.0_55 on Windows Server
> 2008 R2.
Have you used a profiler
The goal is to have a friendly cloud and cluster application. By removing all
sessions, I can shut down any node at any time. It is mostly a JavaScript
application relying on REST services.
-
To unsubscribe, e-mail: users-unsu
p session? Is there a workaround to get
one?
Does Tomcat can be used as a simple file server with LDAP authentication?
You should probably describe your application a bit more, and also explain why you seem to
be adverse to sessions.
That's because it seems to me that using sessions would
for an already authenticated user will not
be reflected until the next time that user logs on again."
Does Tomcat have a cache outside the http session? Is there a workaround to get
one?
Does Tomcat can be used as a simple file server with LDAP authentication?
We are using Tomcat 7.0.53 w
> André Warnier
> 14.02.2012 16:00
>
> Please respond to
> "Tomcat Users List"
>
> To
>
> Tomcat Users List
>
> cc
>
> Subject
>
> Re: Fw: Problems with LDAP authentication
>
> Lev A KARATUN wrote:
> > Good morning
Lev A KARATUN wrote:
Good morning everyone!
Well, I've got no idea what happened (providing nobody is configuring
tomcat except me), but I've just opened catalina.out and have seen that
the error message changed to
"Exception opening directory server connection: javax
.naming.CommunicationEx
ee="true"
roleSearch="(member={0})"
adCompat="true"/>
Thanks in advance.
Best Regards,
Karatun Lev,
Felix Schumacher wrote on 10.02.2012
21:51:25:
> Felix Schumacher
> 10.02.2012 21:52
>
> Please respond to
> "Tomcat Users L
> André Warnier
> 10.02.2012 18:02
>
> Please respond to
> "Tomcat Users List"
>
> To
>
> Tomcat Users List
>
> cc
>
> Subject
>
> Re: Fw: Problems with LDAP authentication
>
> Lev A KARATUN wrote:
> ...
>
> >&g
Am Freitag, den 10.02.2012, 16:54 +0400 schrieb Lev A KARATUN:
> Felix Schumacher wrote on 10.02.2012
> 15:31:43:
>
> > Felix Schumacher
> > 10.02.2012 15:32
> >
>
> > >
> > > Hi again.
> > >
> > > So, my boss to
Lev A KARATUN wrote:
...
I've been reading the manuals for some time, and configured my
Tomcat
the
following way:
$CATALINA_BASE/conf/Catalina/localhost/myapp.xml
...
That's why Felix said that he thought that this config wasn't the one
being used.
What is the name of the Context xml
> Pid
> 10.02.2012 17:35
>
> Please respond to
> "Tomcat Users List"
>
> To
>
> Tomcat Users List
>
> cc
>
> Subject
>
> Re: Fw: Problems with LDAP authentication
>
> On 10/02/2012 12:54, Lev A KARATUN wrote:
> > P
gt; "Tomcat Users List"
>>
>> To
>>
>> Tomcat Users List
>>
>> cc
>>
>> Subject
>>
>> Re: Fw: Problems with LDAP authentication
>>
>> Am 10.02.2012 11:43, schrieb Lev A KARATUN:
>>> Does anybody have an idea?..
> Karatun Lev,
>
>
>
>
> Pid
> 10.02.2012 15:33
> Please respond to
> "Tomcat Users List"
>
>
> To
> Tomcat Users List
> cc
>
> Subject
> Re: Fw: Problems w
Please see my answers below.
Best Regards,
Karatun Lev,
Felix Schumacher wrote on 10.02.2012
15:31:43:
> Felix Schumacher
> 10.02.2012 15:32
>
> Please respond to
> "Tomcat Users List"
>
> To
>
> Tomcat Users List
>
> cc
>
> Subje
from / to the logs
folder into my letter and so I wrote just $CATALINA_BASE.
Best Regards,
Karatun Lev,
Pid
10.02.2012 15:33
Please respond to
"Tomcat Users List"
To
Tomcat Users List
cc
Subject
Re: Fw: Problems with LDAP authentication
On 10/02/2012 10:43, Lev A KARATU
On 10/02/2012 10:43, Lev A KARATUN wrote:
> Does anybody have an idea?..
>
>
>
> Hi again.
>
> So, my boss told me that it's insecure to give anyone the password to view
> tomcat's logs and that should be an authen
Am 10.02.2012 11:43, schrieb Lev A KARATUN:
Does anybody have an idea?..
Hi again.
So, my boss told me that it's insecure to give anyone the password to
view
tomcat's logs and that should be an authentication b
Does anybody have an idea?..
Hi again.
So, my boss told me that it's insecure to give anyone the password to view
tomcat's logs and that should be an authentication based on Active
Directory.
I've been reading th
Hi again.
So, my boss told me that it's insecure to give anyone the password to view
tomcat's logs and that should be an authentication based on Active
Directory.
I've been reading the manuals for some time, and configured my Tomcat the
following way:
$CATALINA_BASE/conf/Catalina/localhost/my
Hehehe thanks anyway, i appreciate it. But yes, it was the comparison and the
case of both words.
Le 27/09/2010 à 21:57, Bob Hall a écrit :
> Oops, just saw the [solved] msg...
>
> --- On Mon, 9/27/10 at 7:55 PM, Bob Hall wrote:
>
>> --- On Mon, 9/27/10 at 11:24 AM, Caldarale, Charles R
>>
Oops, just saw the [solved] msg...
--- On Mon, 9/27/10 at 7:55 PM, Bob Hall wrote:
> --- On Mon, 9/27/10 at 11:24 AM, Caldarale, Charles R
>
> wrote:
>
> > > The security-role is right below the
> > security-constraint
> > > closing tag and above the login-config opening
> tag.
> >
> > Sorry
Julio,
--- On Mon, 9/27/10 at 11:24 AM, Caldarale, Charles R
wrote:
> > The security-role is right below the
> security-constraint
> > closing tag and above the login-config opening tag.
>
> Sorry, I missed it. However, the
> element normally comes /after/
> ; not sure if that's required by
mail.com]
>> Subject: Re: Tomcat ldap authentication with 403 Forbidden error
>
>> The security-role is right below the security-constraint
>> closing tag and above the login-config opening tag.
>
> Sorry, I missed it. However, the element normally comes
> /after
> From: Julio César Chaves Fernández [mailto:hent...@gmail.com]
> Subject: Re: Tomcat ldap authentication with 403 Forbidden error
> The security-role is right below the security-constraint
> closing tag and above the login-config opening tag.
Sorry, I missed it. However,
Charles R <
chuck.caldar...@unisys.com> wrote:
> > From: Julio César Chaves Fernández [mailto:hent...@gmail.com]
> > Subject: Tomcat ldap authentication with 403 Forbidden error
>
> > i'm working with Tomcat
>
> What *exact* version?
>
> > This is th
> From: Julio César Chaves Fernández [mailto:hent...@gmail.com]
> Subject: Tomcat ldap authentication with 403 Forbidden error
> i'm working with Tomcat
What *exact* version?
> This is the security section in the app web.xml
I don't see any element in the above, which
Hi, i'm working with Tomcat and i've configured a Realm for user
authentication against Oracle OID. Sniffing the communication between the
client and the OID server everything seems to be fine, but when the user
authenticates the application then displays the 403 forbidden error page.
This is the
: Trouble configuring LDAP authentication
> "Geofrey Rainey" wrote in message
>
news:fcff2ec7a020964fbc98b17f17a88ac4018ba...@akvxch01.tvnzad.tvnz.co.nz
...
> I remember the big issue I faced regarding the JNDIRealm auth were the
> parameters in my Realm definition, there
> "Geofrey Rainey" wrote in message
> news:fcff2ec7a020964fbc98b17f17a88ac4018ba...@akvxch01.tvnzad.tvnz.co.nz...
> I remember the big issue I faced regarding the JNDIRealm auth were the
> parameters in my Realm definition, there was one line that once added
> Everything started working, I think
e.org/tomcat/Logging_Tutorial
-Original Message-
From: news [mailto:n...@ger.gmane.org] On Behalf Of Eric B.
Sent: Friday, 7 August 2009 1:49 p.m.
To: users@tomcat.apache.org
Subject: Re: Trouble configuring LDAP authentication
> "Geofrey Rainey" wrote in message
> I had t
> "Geofrey Rainey" wrote in message
> I had this same issue, both with JNDIRealm, and logging.
>
> Firstly the JNDIRealm; I was authenticating to an AD server and couldn't
> get the parameters right in my Realm definition. This is how I resolved
> it - this realm definition resides within an Engi
ssage-
From: news [mailto:n...@ger.gmane.org] On Behalf Of Eric B.
Sent: Friday, 7 August 2009 8:49 a.m.
To: users@tomcat.apache.org
Subject: Trouble configuring LDAP authentication
Hi,
I'm trying to get the JNDIRealms working using my LDAP server in Tomcat
6.0.18 for the manager and admi
Hi,
I'm trying to get the JNDIRealms working using my LDAP server in Tomcat
6.0.18 for the manager and admin applications and am having difficulty
getting them to work. I tried following instructions in the tomcat doc
site, and think I have things fairly well set up. I have enabled full logs
on
I have a strange problem. I have a simple app that needs to
authenticate via ldap.
I am using:
tomcat 6.0.16.
eclipse 3.3
Debian (etch in production, lenny on development)
On my development machine I have no problems. I run tomcat from eclipse 3.3.
The production server is a virtual machine.
roleSearch="(memberUid={1})"/>
On May 14, 2008, at 10:44 AM, [EMAIL PROTECTED] wrote:
From: Christopher Schultz <[EMAIL PROTECTED]>
Date: May 14, 2008 9:52:00 AM PDT
To: Tomcat Users List
Subject: Re: Tomcat LDAP Authentication
Instructions for config
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
John,
John Russell wrote:
| [Resubmitted. I did not see this appear in the digest, if you have
| seen this before and replied, please accept my apologies]
It came through before. You might have missed the cutoff for the digest
- -- or maybe just mi
Hi,
[Resubmitted. I did not see this appear in the digest, if you have
seen this before and replied, please accept my apologies]
Is there a command line method to test an LDAP configuration?
I could not find any log messages after basic authentication was denied.
Perhaps the authentication log
Hi,
Is there a command line method to test an LDAP configuration?
I could not find any log messages after basic authentication was denied.
Perhaps the authentication log is not in $CATALINA_HOME/logs?
ldap://192.168.16.179";
userPattern="uid={0},ou=users,dc=mail,dc=owd,dc=net"
> From: John Russell [mailto:[EMAIL PROTECTED]
> Subject: Newbie: Tomcat LDAP Authentication
>
> 4) modified conf/web.xml to enable security-constraint
Do you really want to modify conf/web.xml? Such security constraints
will then apply to every webapp you have deployed, requiring
John Russell wrote:
Hi,
I'm new to Tomcat though familiar with Apache, I'm trying to configure
Authentication to an LDAP server but I've missed a step somewhere.
From the documentation for JNDIRealm at
http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html
0) I obtained ldap-1_2_4.zip from
Hi,
I'm new to Tomcat though familiar with Apache, I'm trying to configure
Authentication to an LDAP server but I've missed a step somewhere.
From the documentation for JNDIRealm at
http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html
0) I obtained ldap-1_2_4.zip from Sun Microsystems.
1)
we have tried it with the following..
IE6 and 7 on windows
IE6 on linux (using ie4linux and wine)
Firefox 2.0.12 on windows and on linux
all behave the same..
all the tools we have to get information out from the ldap gives us the
username out in utf-8 correctly so for me it looks like it is s
ofcourse, it would be better, but unfourtunally it is not up to me to
enforce this policy, and we already have a lot of users with those
character in both username and/or password..
we had the system up and running before but after switching the website
over from ISO-8859-1 to UTF-8 it i sno l
I think that better is for userID and passwords don't use national
characters. In Latvia we time after time have similar problems ...
Andris Eiduks
On Fri, Feb 29, 2008 at 9:53 AM, Antonio Petrelli <
[EMAIL PROTECTED]> wrote:
> 2008/2/20, Christian Andersson <[EMAIL PROTECTED]>:
> > all our htm
2008/2/20, Christian Andersson <[EMAIL PROTECTED]>:
> all our html pages uses the utf-8 encoding, using slapcat and looking at
> the content the data inside openldap seems to be using utf-8 (the output
> from slapcat is at least utf-8,but I don't know if slapcat converts
> anything)
This might
anyone ?
Christian Andersson skrev:
Hi, we have setup Tomcat (6.0.10) to authenticate using form
authentication against openldap (2.3.27) with the jndirealm and
everything works alright except one little bit of a problem.
if the user name has national characters in it (åæø for norwegian) or
Hi, we have setup Tomcat (6.0.10) to authenticate using form
authentication against openldap (2.3.27) with the jndirealm and
everything works alright except one little bit of a problem.
if the user name has national characters in it (åæø for norwegian) or
the password does, the user cannot aut
Hi,
I'm getting started with Tomcat's Realm authentication with LDAP. I've
performed the following steps to authenticate users in my web application :
- put ldap.jar in $TOMCAT_HOME/common/lib
- modified $TOMCAT_HOME/conf/server.xml as follows :
ldap://my_url:389";
use
Hiya;
I'm trying to get LDAP authentication working correctly in my app,
but I'm not having a lot of success. Single-stepping with a debugger
seems to say that roles aren't getting loaded correctly from LDAP,
and sometimes it appears, in my openLDAP logs, that I'm doin
Hi,
I have an application that when run under Tomcat 5.5.9, behaves
nicely in terms of LDAP authentication. However, when I move this
application to Tomcat 5.5.17, authentication is broken (I am
presented with the username/password screen from Tomcat, but it is as
if Tomcat never connects to
Hi Pulkit,
Thanks for the suggestions. After MUCH testing and searching, it did turn
out to be the LDAP's configuration and not Tomcat. I verified this by
authenticating to another test LDAP server we had. The original LDAP we
were authenticating to isn't commercial or publicly distributed softw
Hello,
> However, if we enter in a
> correct username/password combination, it binds correctly, however it just
> hangs there as if it were awaiting response. The LDAP logs indicate that
> it did successfully bind correctly with the username/password combination,
> but no search was performed.
>
Nobody?
On 1/6/06, Derrick Woo <[EMAIL PROTECTED]> wrote:
>
> I'm having a bit of a tough time getting Tomcat5 to authenticate correctly
> to our LDAP server. It connects using the service account, and then
> attempts to bind using the username and password entered at the login page
> to confirm
I'm having a bit of a tough time getting Tomcat5 to authenticate correctly
to our LDAP server. It connects using the service account, and then
attempts to bind using the username and password entered at the login page
to confirm if it is valid.
As it is set up right now, if an invalid username/pa
77 matches
Mail list logo
