tomcat-users mailing list archives

From Luis Durán <ele...@cantv.net>
Subject Tomcat JNDI Realm + Active Directory Server
Date Tue, 19 Jul 2005 23:22:41 GMT
I had a hard time trying to configure Tomcat to authenticate with MS
Active Directory Service. I tried a lot of samples, I edited them, but I
didn't get anything. This is the last configuration I tried:

/META-INF/context.xml:

<?xml version="1.0" encoding="UTF-8"?>

<Context path="/moretests">
    <Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"
        connectionURL="ldap://192.168.200.2:389"
        referrals="follow"
        userBase="cn=Users,dc=w2ksvr,dc=local"
        userSearch="(sAMAccountName={0})"
        userSubtree="true"
        userRoleName="memberOf"
        roleBase="cn=Users,dc=w2ksvr,dc=local"
        roleSearch="(sAMAccountName={0})"
        roleSubtree="true"
        rolename="cn" />
</Context>

I gave a shot to the bind mode and to the password comparison mode
without any results.

/WEB-INF/web.xml:

<?xml version="1.0" encoding="UTF-8"?>

<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
	 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	 xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
	 version="2.4">
    <login-config>
        <auth-method>BASIC</auth-method>
        <realm-name>moretests</realm-name>
    </login-config>
    <session-config>
        <session-timeout>
            30
        </session-timeout>
    </session-config>
    <welcome-file-list>
	<welcome-file>
            index.jsp
        </welcome-file>
    </welcome-file-list>
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>whole site</web-resource-name>
            <url-pattern>/*</url-pattern>
            <http-method>GET</http-method>
        </web-resource-collection>
        <auth-constraint>
            <role-name>prueba</role-name>
        </auth-constraint>
    </security-constraint>
    <security-role>
        <description>Usuario</description>
        <role-name>prueba</role-name>
    </security-role>
</web-app>

Of course, I have created that group inside ADS and populated it with a
user called elebis with a simple password. I even browsed ADS with an LDAP
browser and everything seemed OK.

Does anybody know what I am doing wrong? Can anybody help me to work
around it?

Thanks in advance, pals

-- 

Luis Edgardo Durán Lebis
Soporte Técnico y Sistemas
http://mipagina.cantv.net/elebis
elebis@cantv.net
0416-7580991
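
An added example, not part of the original message or of the Tomcat project: the posted context.xml rewritten so that role lookup follows the documented JNDIRealm attribute semantics and the group's cn matches the `prueba` role in web.xml. The bind account `cn=tomcat-svc,...` and its password are hypothetical placeholders, and the example assumes the directory does not allow anonymous searches.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- Added example; the service account DN and password are placeholders. -->
<Context path="/moretests">
  <!--
    Differences from the posted configuration:
    1. connectionName/connectionPassword: userSearch and roleSearch are run
       over the realm's own connection, and Active Directory typically
       rejects anonymous searches, so a low-privilege bind account is given.
    2. roleSearch: JNDIRealm substitutes the authenticated user's DN for {0}
       (the username is {1}). Group entries list their members by DN in the
       "member" attribute, so the filter is (member={0}), not
       (sAMAccountName={0}).
    3. roleName: attribute names are case-sensitive; "rolename" as posted is
       not the roleName attribute. With roleName="cn" the role is the
       group's cn, e.g. "prueba".
    4. userRoleName="memberOf" is dropped: memberOf values are full group
       DNs, which would not equal the role name "prueba" in web.xml.
    Plain ldap:// on port 389 carries the bind DN and password unencrypted;
    an ldaps:// URL on port 636 is the TLS alternative where the domain
    controller has a certificate.
  -->
  <Realm className="org.apache.catalina.realm.JNDIRealm"
         connectionURL="ldap://192.168.200.2:389"
         connectionName="cn=tomcat-svc,cn=Users,dc=w2ksvr,dc=local"
         connectionPassword="CHANGE_ME"
         referrals="follow"
         userBase="cn=Users,dc=w2ksvr,dc=local"
         userSearch="(sAMAccountName={0})"
         userSubtree="true"
         roleBase="cn=Users,dc=w2ksvr,dc=local"
         roleSearch="(member={0})"
         roleSubtree="true"
         roleName="cn" />
</Context>
```

In the posted web.xml, `<http-method>GET</http-method>` applies the security constraint to GET requests only; leaving the element out applies it to every HTTP method. BASIC authentication sends the password base64-encoded on each request, so the connector should be served over HTTPS.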

