tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <Bjoern.Bec...@easycash.de>
Subject Realm ldaps
Date Thu, 27 Mar 2014 15:45:46 GMT
Hello,

I like to change my ldap jndirealm to ldaps.

      <Realm className="org.apache.catalina.realm.LockOutRealm">
		<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
	       		resourceName="UserDatabase"/>
		<Realm className="org.apache.catalina.realm.JNDIRealm"
	        	connectionName="CN=SVC_TomcatLdapQuery,OU=Service Accounts,OU=Hamburg,OU=SITES,OU=\#KONFIGURATION,DC=,DC=de"
			connectionPassword="5o7tLm-2hei5ciJ2z9H-kCWGO2ZRPiLY"
			connectionURL="ldaps://ads1:636/OU=,OU=SITES,OU=\#KONFIGURATION,DC=,DC=de?sAMAccountName?sub?(objectClass=*)"
			alternateURL="ldaps://ads2:636/OU=,OU=SITES,OU=\#KONFIGURATION,DC=,DC=de?sAMAccountName?sub?(objectClass=*)"
			userSearch="(sAMAccountName={0})"
			userSubtree="true"
			userRoleName="memberOf"
			/>
      </Realm>

Unfortunately, it's not working yet. I guess I need to disabled client cert verification,
but I can't find any option for Realms.

Do you know such an option? 


Best Regards,
Bjoern



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message