This week's book giveaway is in the Java 8 forum.
We're giving away four copies of Java 8 in Action and have Raoul-Gabriel Urma, Mario Fusco, and Alan Mycroft on-line!
See this thread for details.
The moose likes Tomcat and the fly likes Tomcat (Tomcat Manager) Authentication with AD ----problem Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Java 8 in Action this week in the Java 8 forum!
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Tomcat (Tomcat Manager) Authentication with AD ----problem" Watch "Tomcat (Tomcat Manager) Authentication with AD ----problem" New topic
Author

Tomcat (Tomcat Manager) Authentication with AD ----problem

Lucky Pikolo
Greenhorn

Joined: Jul 30, 2009
Posts: 1
My problem .... (Apache Tomcat/6.0.20)

How do I configure apache to use active directory for authentication
How do I configure the apache realm to use active directory for authentication through LDAP
I configure my realm like so:

SERVER.XML

<Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"

connectionName="CN=x,OU=xx,OU=xxx,OU=xxxx,DC=xxxxx,DC=xxxxxx,DC=xxxxxxx,DC=xxxxxxxx"

connectionPassword="PASSWD"

connectionURL="ldap://opAGC.rp:389"


userBase="OU=xx,OU=xxx,OU=xxxx,DC=xxxxx,DC=xxxxxx,DC=xxxxxxx,DC=xxxxxxxx"

userSearch="(sAMAccountName={0})"

userSubtree="true"

roleBase="OU=xx,OU=xxx,OU=xxxx,DC=xxxxx,DC=xxxxxx,DC=xxxxxxx,DC=xxxxxxxx"

roleName="cn"

roleSearch="(uniqueMember={0})"

roleSubtree="true"

referrals="follow"

/>

*******************************************************************************
WEB.XML (Manager TOMCAT)

<servlet>
<servlet-name>Manager</servlet-name>
<servlet-class>org.apache.catalina.manager.ManagerServlet</servlet-class>
<init-param>
<param-name>debug</param-name>
<param-value>2</param-value>
</init-param>
</servlet>
<servlet>
<servlet-name>HTMLManager</servlet-name>
<servlet-class>org.apache.catalina.manager.HTMLManagerServlet</servlet-class>
<init-param>
<param-name>debug</param-name>
<param-value>2</param-value>
</init-param>
</servlet>
<servlet>
<servlet-name>Status</servlet-name>
<servlet-class>org.apache.catalina.manager.StatusManagerServlet</servlet-class>
<init-param>
<param-name>debug</param-name>
<param-value>0</param-value>
</init-param>
</servlet>

<servlet>
<servlet-name>JMXProxy</servlet-name>
<servlet-class>org.apache.catalina.manager.JMXProxyServlet</servlet-class>
</servlet>

<!-- Define the Manager Servlet Mapping -->
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/list</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/expire</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/sessions</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/start</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/stop</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/install</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/remove</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/deploy</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/undeploy</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/reload</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/save</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/serverinfo</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/roles</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/resources</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Status</servlet-name>
<url-pattern>/status/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>JMXProxy</servlet-name>
<url-pattern>/jmxproxy/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>HTMLManager</servlet-name>
<url-pattern>/html/*</url-pattern>
</servlet-mapping>

<!-- Define a Security Constraint on this Application -->
<security-constraint>
<web-resource-collection>
<web-resource-name>HTMLManger and Manager command</web-resource-name>
<url-pattern>/jmxproxy/*</url-pattern>
<url-pattern>/html/*</url-pattern>
<url-pattern>/list</url-pattern>
<url-pattern>/expire</url-pattern>
<url-pattern>/sessions</url-pattern>
<url-pattern>/start</url-pattern>
<url-pattern>/stop</url-pattern>
<url-pattern>/install</url-pattern>
<url-pattern>/remove</url-pattern>
<url-pattern>/deploy</url-pattern>
<url-pattern>/undeploy</url-pattern>
<url-pattern>/reload</url-pattern>
<url-pattern>/save</url-pattern>
<url-pattern>/serverinfo</url-pattern>
<url-pattern>/status/*</url-pattern>
<url-pattern>/roles</url-pattern>
<url-pattern>/resources</url-pattern>
</web-resource-collection>
<auth-constraint>
<!-- NOTE: This role is not present in the default users file -->
<role-name>OU=xx,OU=xxx,OU=xxxx,DC=xxxxx,DC=xxxxxx,DC=xxxxxxx,DC=xxxxxxxx</role-name>
</auth-constraint>
</security-constraint>

<!-- Define the Login Configuration for this Application -->
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Tomcat Manager TEST</realm-name>
</login-config>

<!-- Security roles referenced by this web application -->
<security-role>
<description>
The role that is required to log in to the Manager Application
</description>
<role-name>OU=xx,OU=xxx,OU=xxxx,DC=xxxxx,DC=xxxxxx,DC=xxxxxxx,DC=xxxxxxxx</role-name>
</security-role>


<error-page>
<error-code>401</error-code>
<location>/401.jsp</location>
</error-page>

</web-app>

**********************************************************



but I get forwarded to an HTTP 403 error:

HTTP Status 403 - Access to the requested resource has been denied
type Status report
message Access to the requested resource has been denied
description Access to the specified resource (Access to the requested resource has been denied) has been forbidden.
Apache Tomcat/6.0.20


***************************************************************
My Activ Directory Windows 2003:

sAMAccountName->
Object :CN=x,OU=xx,OU=xxx,OU=xxxx,DC=xxxxx,DC=xxxxxx,DC=xxxxxxx,DC=xxxxxxxx
Value: X


cn->
object: CN=x,OU=xx,OU=xxx,OU=xxxx,DC=xxxxx,DC=xxxxxx,DC=xxxxxxx,DC=xxxxxxxx
Value:X

**************************************************************

Maneesh Godbole
Saloon Keeper

Joined: Jul 26, 2007
Posts: 9995
    
    7

Luckymam Xxx wrote:


Please check your private messages for an important administrative matter


[How to ask questions] [Donate a pint, save a life!] [Onff-turn it on!]
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Tomcat (Tomcat Manager) Authentication with AD ----problem
 
Similar Threads
OpenLdap Authentication migration from Jboss5.1 to WebLogic 10.3.3
restricting access to a jsp
DispatchAction No action instance for path ...
Unable to login to manager GUI
Who is this guy?