aspose file tools *
The moose likes Tomcat and the fly likes Tomcat (Tomcat Manager) Authentication with AD ----problem Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Tomcat (Tomcat Manager) Authentication with AD ----problem" Watch "Tomcat (Tomcat Manager) Authentication with AD ----problem" New topic
Author

Tomcat (Tomcat Manager) Authentication with AD ----problem

Lucky Pikolo
Greenhorn

Joined: Jul 30, 2009
Posts: 1
My problem .... (Apache Tomcat/6.0.20)

How do I configure apache to use active directory for authentication
How do I configure the apache realm to use active directory for authentication through LDAP
I configure my realm like so:

SERVER.XML

<Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"

connectionName="CN=x,OU=xx,OU=xxx,OU=xxxx,DC=xxxxx,DC=xxxxxx,DC=xxxxxxx,DC=xxxxxxxx"

connectionPassword="PASSWD"

connectionURL="ldap://opAGC.rp:389"


userBase="OU=xx,OU=xxx,OU=xxxx,DC=xxxxx,DC=xxxxxx,DC=xxxxxxx,DC=xxxxxxxx"

userSearch="(sAMAccountName={0})"

userSubtree="true"

roleBase="OU=xx,OU=xxx,OU=xxxx,DC=xxxxx,DC=xxxxxx,DC=xxxxxxx,DC=xxxxxxxx"

roleName="cn"

roleSearch="(uniqueMember={0})"

roleSubtree="true"

referrals="follow"

/>

*******************************************************************************
WEB.XML (Manager TOMCAT)

<servlet>
<servlet-name>Manager</servlet-name>
<servlet-class>org.apache.catalina.manager.ManagerServlet</servlet-class>
<init-param>
<param-name>debug</param-name>
<param-value>2</param-value>
</init-param>
</servlet>
<servlet>
<servlet-name>HTMLManager</servlet-name>
<servlet-class>org.apache.catalina.manager.HTMLManagerServlet</servlet-class>
<init-param>
<param-name>debug</param-name>
<param-value>2</param-value>
</init-param>
</servlet>
<servlet>
<servlet-name>Status</servlet-name>
<servlet-class>org.apache.catalina.manager.StatusManagerServlet</servlet-class>
<init-param>
<param-name>debug</param-name>
<param-value>0</param-value>
</init-param>
</servlet>

<servlet>
<servlet-name>JMXProxy</servlet-name>
<servlet-class>org.apache.catalina.manager.JMXProxyServlet</servlet-class>
</servlet>

<!-- Define the Manager Servlet Mapping -->
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/list</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/expire</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/sessions</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/start</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/stop</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/install</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/remove</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/deploy</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/undeploy</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/reload</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/save</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/serverinfo</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/roles</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/resources</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Status</servlet-name>
<url-pattern>/status/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>JMXProxy</servlet-name>
<url-pattern>/jmxproxy/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>HTMLManager</servlet-name>
<url-pattern>/html/*</url-pattern>
</servlet-mapping>

<!-- Define a Security Constraint on this Application -->
<security-constraint>
<web-resource-collection>
<web-resource-name>HTMLManger and Manager command</web-resource-name>
<url-pattern>/jmxproxy/*</url-pattern>
<url-pattern>/html/*</url-pattern>
<url-pattern>/list</url-pattern>
<url-pattern>/expire</url-pattern>
<url-pattern>/sessions</url-pattern>
<url-pattern>/start</url-pattern>
<url-pattern>/stop</url-pattern>
<url-pattern>/install</url-pattern>
<url-pattern>/remove</url-pattern>
<url-pattern>/deploy</url-pattern>
<url-pattern>/undeploy</url-pattern>
<url-pattern>/reload</url-pattern>
<url-pattern>/save</url-pattern>
<url-pattern>/serverinfo</url-pattern>
<url-pattern>/status/*</url-pattern>
<url-pattern>/roles</url-pattern>
<url-pattern>/resources</url-pattern>
</web-resource-collection>
<auth-constraint>
<!-- NOTE: This role is not present in the default users file -->
<role-name>OU=xx,OU=xxx,OU=xxxx,DC=xxxxx,DC=xxxxxx,DC=xxxxxxx,DC=xxxxxxxx</role-name>
</auth-constraint>
</security-constraint>

<!-- Define the Login Configuration for this Application -->
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Tomcat Manager TEST</realm-name>
</login-config>

<!-- Security roles referenced by this web application -->
<security-role>
<description>
The role that is required to log in to the Manager Application
</description>
<role-name>OU=xx,OU=xxx,OU=xxxx,DC=xxxxx,DC=xxxxxx,DC=xxxxxxx,DC=xxxxxxxx</role-name>
</security-role>


<error-page>
<error-code>401</error-code>
<location>/401.jsp</location>
</error-page>

</web-app>

**********************************************************



but I get forwarded to an HTTP 403 error:

HTTP Status 403 - Access to the requested resource has been denied
type Status report
message Access to the requested resource has been denied
description Access to the specified resource (Access to the requested resource has been denied) has been forbidden.
Apache Tomcat/6.0.20


***************************************************************
My Activ Directory Windows 2003:

sAMAccountName->
Object :CN=x,OU=xx,OU=xxx,OU=xxxx,DC=xxxxx,DC=xxxxxx,DC=xxxxxxx,DC=xxxxxxxx
Value: X


cn->
object: CN=x,OU=xx,OU=xxx,OU=xxxx,DC=xxxxx,DC=xxxxxx,DC=xxxxxxx,DC=xxxxxxxx
Value:X

**************************************************************

Maneesh Godbole
Saloon Keeper

Joined: Jul 26, 2007
Posts: 10537
    
    9

Luckymam Xxx wrote:


Please check your private messages for an important administrative matter


[How to ask questions] [Donate a pint, save a life!] [Onff-turn it on!]
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Tomcat (Tomcat Manager) Authentication with AD ----problem