tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jérôme Delattre" <>
Subject Re: JNDIRealm - mapping LDAP group to security role
Date Thu, 09 Oct 2008 14:13:09 GMT
2008/10/9 Kevin Jackson <>:
>>> I am trying to configure a JNDIRealm to authenticate against an Active
>>> Directory.
>>> The authentication seems to work but I wonder how to map LDAP groups
>>> to security roles.
>>> I do not want to add groups in the LDAP server, but to map existing
>>> ones to the roles defined in my web application instead.
>>> Is it possible ? I did not found any doc / post about this topic.
> You could write a custom JNDIRealm that does the
> mapping/authentication.  I've seen this done with postgres, but not
> with an LDAP server (or AD), but it should be a similar process.  Then
> you add it to tomca/lib and configure your context and web.xml to use
> the custom JNDIRealm instead of the provided realm
> Kev

Thanks Kevin, that's exactly what I finally done! ;-)

To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message