Re: Newbie: Tomcat LDAP Authentication

Mon, 12 May 2008 17:23:28 -0700 

John Russell wrote:

Hi,

I'm new to Tomcat though familiar with Apache, I'm trying to configure
Authentication to an LDAP server but I've missed a step somewhere.

From the documentation for JNDIRealm at

http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html

0) I obtained ldap-1_2_4.zip from Sun Microsystems.

1) Copied ldap.jar and ldapsec.jar to $CATALINA_HOME/server/lib

2) modified ./conf/server.xml for https (successful)

3) modified ./conf/server.xml for JNDI

     <Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"
        connectionURL="ldap://192.168.16.179";
          userPattern="uid={0},ou=users,dc=mail,dc=owd,dc=net"
             roleBase="ou=groups,dc=mail,dc=owd,dc=net"
             roleName="cn"
             roleSearch="(memberUid={0})"/>
<Valve className="org.apache.catalina.authenticator.SingleSignOn" /> 

4) modified conf/web.xml to enable security-constraint

   <security-constraint>
       <web-resource-collection>
           <web-resource-name>Authentication example</web-resource-name>
           <url-pattern>/java-authentication/</url-pattern>
       </web-resource-collection>
       <auth-constraint>
           <role-name>owd</role-name>
       </auth-constraint>
   </security-constraint>
   <login-config>
       <auth-method>FORM</auth-method>
       <form-login-config>
           <form-login-page>/java-authentication/login</form-login-page>
<form-error-page>/java-authentication/login-error</form-error-page> 
       </form-login-config>
   </login-config>
   <security-role>
       <role-name>owd</role-name>
   </security-role>


From what I have read this should work but there is no popup prompt for

you will only get a popup if you specify <auth-method>BASIC</auth-method>
form means it will redirect to the page, however you have specified a URL that is protected as the login page, not sure this will work 

Filip

username and password when accessing the tomcat served pages suggesting
that no attempt to authenticate is being made.

The system is Fedora Core 6 Linux.

Thank you,
John Russell.


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]






---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to