Re: server.xml for ldap connection

Tue, 24 Jul 2012 08:47:05 -0700 

----- Original Message -----

> From: Rahul R <rahul.ra...@gmail.com>
> To: Tomcat Users List <users@tomcat.apache.org>
> Cc: 
> Sent: Monday, July 23, 2012 10:28 PM
> Subject: server.xml for ldap connection
> 
> Hi All,
> 
> 
> This is the snippet from my server.xml of my tomcat which takes care of
> ldap connection.
> 
> <Realm className="org.apache.catalina.realm.JNDIRealm"
>                 debug="99"
>                 authentication="simple"
>                 referrals="follow"
>                 userSubtree="true"
>                 roleSubtree="true"
>                 *connectionName="GLOBAL\UserName"*
>                 *connectionPassword="Secret"*
>                 connectionURL="ldap://global.ad.myCompany.com:389";
>                 userBase="dc=Global,dc=ad,dc=myCompany,dc=com"
>                 userSearch="(sAMAccountName={0})"
> 
> roleBase="OU=Groups,OU=PROD,DC=Global,DC=ad,DC=myCompany,DC=com"
>                 roleName="cn"
>                 roleSearch="(&(objectClass=group)(member={0}))"
>          />
> 
> But I have different environments like development, qa, staging etc. Hence
> the functional a/c which connects to the ldap changes accordingly. Is there
> any way to use some variable which reads the username/password from a file?
> So that who ever owns that environment can simply change the
> username/password in that file. There is already a property file in the
> conf folder of the tomcat which is used for taking some environment
> specific values by a jsp file, which is under webapps folder. Can I make
> use of that for having these values? It would be a great help if some one
> can help me here.


Unless you have multiple web applications using the same Realm, it's more 
convenient if you place your Realm under the <Context> element.

You can put your <Context> element in either META-INF/context.xml (which will 
get copied on deployment) or directly in 
CATALINA_BASE/conf/[hostname]/[app-name].xml. [hostname] is usually localhost, 
and [app-name] is the name of your application.

You can then have build targets (for example, if you're using ant) to create a 
development, qa, and staging war file by inserting the right elements (xmltask 
works well) into the context.xml file.

. . . . just my two cents.
/mde/

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to