Return-Path: X-Original-To: apmail-tomcat-users-archive@www.apache.org Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id F127EB185 for ; Fri, 6 Jan 2012 15:05:54 +0000 (UTC) Received: (qmail 6110 invoked by uid 500); 6 Jan 2012 15:05:51 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 5692 invoked by uid 500); 6 Jan 2012 15:05:40 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 5658 invoked by uid 99); 6 Jan 2012 15:05:39 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 06 Jan 2012 15:05:39 +0000 X-ASF-Spam-Status: No, hits=-0.7 required=5.0 tests=RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of knst.kolinko@gmail.com designates 209.85.220.173 as permitted sender) Received: from [209.85.220.173] (HELO mail-vx0-f173.google.com) (209.85.220.173) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 06 Jan 2012 15:05:33 +0000 Received: by vcbfo1 with SMTP id fo1so1572824vcb.18 for ; Fri, 06 Jan 2012 07:05:12 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=e52YdXsN75BbbJrI/k184Ck7rp/kOwx9IfW9il+FpJE=; b=jDKoara5MZInZUqHBBCbHRbp7HTwYH9I/FWWjESxuDzft5pOXmlLsWZF+9AFHhItoy rlC5Xd+4kORkoki2FQOx9l6dblBcsFYdIOpoxKs/oaqbO2wiucQ3upa43y9sZiaPxA+Y ALKk+jg+0TPPZdb6NCjTvpNoTjBWs2DwkkAUM= MIME-Version: 1.0 Received: by 10.52.240.226 with SMTP id wd2mr3189524vdc.50.1325862312747; Fri, 06 Jan 2012 07:05:12 -0800 (PST) Received: by 10.52.93.243 with HTTP; Fri, 6 Jan 2012 07:05:12 -0800 (PST) In-Reply-To: References: Date: Fri, 6 Jan 2012 19:05:12 +0400 Message-ID: Subject: Re: Tomcat and LDAP (handling password expiration) From: Konstantin Kolinko To: Tomcat Users List Content-Type: text/plain; charset=ISO-8859-1 2012/1/6 sigzero : > The scenario is that Tomcat (6) is sitting on Windows and it talks to > an LDAP server sitting on Linux (RHEL). What is the best way to handle > the Tomcat LDAP account password expiring? I know that the password > needs to change on the LDAP and the Tomcat server.xml file needs to be > updated. I see no go way to automate that and the only workaround that > I see is to have the Tomcat LDAP account password not expire. > > Any suggestions? > Change it proactively before it expires? In any way you would have to restart Tomcat (unless the component that uses the password can be restarted separately or can be managed through JMX). You may want to look here for options of moving the password outside the file: https://wiki.apache.org/tomcat/FAQ/Password Best regards, Konstantin Kolinko --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org