Hi All,

I am trying to configure one of my applications deployed on Tomcat to authenticate with Active Directory. I have configured web.xml and server.xml as below, and I am using the Basic mode of authentication.
Observation: When I enter the wrong user name and password, Tomcat prompts me to enter the username and password again. But when I enter the correct username and password, Tomcat directs me to the access denied page.

The following ldapsearch command works fine.

ldapsearch -x -k -h 172.168.1.1 -W -D "cn=user00,cn=Users,dc=gs,dc=novaglobal,dc=com,dc=sg"

web.xml
-------------------------------------------------------------------------------------------------
<servlet>
    <servlet-name>jsp</servlet-name>
    <servlet-class>org.apache.jasper.servlet.JspServlet</servlet-class>
    <init-param>
        <param-name>fork</param-name>
        <param-value>false</param-value>
    </init-param>
    <init-param>
        <param-name>xpoweredBy</param-name>
        <param-value>false</param-value>
    </init-param>
    <load-on-startup>3</load-on-startup>
</servlet>

<security-constraint>
    <web-resource-collection>
        <web-resource-name>YourWebApp</web-resource-name>
        <description>accessible by authenticated users of the tomcat role</description>
        <url-pattern>/gridsphere/*</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
        <http-method>PUT</http-method>
        <http-method>DELETE</http-method>
    </web-resource-collection>
    <auth-constraint>
        <description>These roles are allowed access</description>
        <role-name>member</role-name>
    </auth-constraint>
</security-constraint>

<login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>GridSphere</realm-name>
</login-config>

<security-role>
    <description>Only 'tomcat' role is allowed to access this web application</description>
    <role-name>member</role-name>
</security-role>
------------------------------------------------------------------------------------------------------------------

server.xml

<Realm className="org.apache.catalina.realm.JNDIRealm"
       debug="99"
       connectionURL="ldap://172.168.1.1:389"
       connectionName="[EMAIL PROTECTED]"
       connectionPassword="xxxxx"
       referrals="follow"
       userBase="CN=Users,DC=gs,DC=novaglobal,DC=com,DC=sg"
       userSearch="(sAMAccountName={0})"
       userSubtree="true"
       roleBase="CN=Users,DC=gs,DC=novaglobal,DC=com,DC=sg"
       roleName="member"
       roleSubtree="true"
       roleSearch="(member={0})" />

--
-----------------------------------------------
Regards
Deepan Chakravarthy N
http://www.codeshepherd.com/
http://sudoku-solver.net/
I am a programmer by day, I dig grave for other programmers by night.

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
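
Added example (not part of the original post, and not Tomcat's own code): a simplified Python model of how JNDIRealm derives role names from `roleSearch` and `roleName`, showing how a login can authenticate and still fail the `<auth-constraint>` check. The group entry, its name `PortalUsers`, the second member `user01` and the directory layout are constructed assumptions.

```python
# Simplified model of JNDIRealm role resolution (assumption: one flat list of
# entries stands in for the subtree under roleBase). Sample data is constructed.

USER_DN = "cn=user00,cn=Users,dc=gs,dc=novaglobal,dc=com,dc=sg"

# Constructed sample: one AD group (hypothetical name) that contains the user.
DIRECTORY = [
    {
        "dn": "cn=PortalUsers,cn=Users,dc=gs,dc=novaglobal,dc=com,dc=sg",
        "cn": ["PortalUsers"],
        "member": [
            USER_DN,
            "cn=user01,cn=Users,dc=gs,dc=novaglobal,dc=com,dc=sg",
        ],
    },
]


def resolve_roles(user_dn, role_search_attr, role_name_attr, entries=DIRECTORY):
    """Model of roleSearch="(<role_search_attr>={0})" plus roleName.

    {0} is replaced by the authenticated user's DN. Every matching entry
    contributes the VALUES of its roleName attribute as the user's roles.
    """
    roles = set()
    for entry in entries:
        members = (v.lower() for v in entry.get(role_search_attr, []))
        if user_dn.lower() in members:
            roles.update(entry.get(role_name_attr, []))
    return roles


def is_authorized(roles, required_role):
    # The container compares role names as exact strings.
    return required_role in roles


if __name__ == "__main__":
    # roleName="member": the "roles" are the member DNs of the group.
    posted = resolve_roles(USER_DN, "member", "member")
    print(sorted(posted), is_authorized(posted, "member"))
    # roleName="cn": the role is the group's common name.
    by_cn = resolve_roles(USER_DN, "member", "cn")
    print(sorted(by_cn), is_authorized(by_cn, "PortalUsers"))
```

In this model the bind succeeds either way; only the set of role strings compared against `<role-name>` changes.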