I am attempting to get the SingleSignOn valve to challenge requests to
my web application.
I have a basic LDAP setup and would like the validation to be routed to
the LDAP.
The engine portion of server.xml is as follows:
<Engine name="Catalina" defaultHost="localhost">
<!--<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>-->
<Realm className="org.apache.catalina.realm.JNDIRealm"
debug="99"
connectionName="dc=site,dc=com"
userPattern="uid={0},ou=People,dc=site,dc=com"
connectionURL="ldap://ldap:389"/>
<Host name="localhost"
appBase="webapps"
unpackWARs="true"
autoDeploy="true"
xmlValidation="false"
xmlNamespaceAware="false">
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
</Host>
</Engine>
I then have the following in my web.xml file :
<web-app>
<security-constraint>
<display-name>Example Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Single Sign-on Example</realm-name>
</login-config>
...
However when I access my webapp via the browser
http://127.0.0.1:8080/site/ I am given access to the site without being
challenged.
What might I be doing wrong?
Thanks,
Dan
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
