I am using Tomcat 5.5. I need to enable Windows authentication such that when user hits the login.jsp, his credential should be checked against Active Directory domain and move forward to next page,if success. I have already update conf/server.xml and web.xml of my application with some help available on net. Kindly provide some idea.
Welcome to the JavaRanch, Shobhit. Active Directory is an LDAP server, so look at the Tomcat docs that have to do with setting up an LDAP-based security realm. You will also find a lot of stuff on that subject if you use Google.
In order for the Realm to properly control the webapp, the webapp has to have been written to use container-based security and have the appropriate security definitions added to the webapp's web.xml file. They're what determine how the different URLs passed to the webapp are guarded by the security Realm, what the login and loin failure pages are, and what security roles will be applied.
An IDE is no substitute for an Intelligent Developer.
Joined: Feb 19, 2009
Thanks Tim . I read tomcat docs and tried many things but still its not working as it should be. Here is my webapp_root/WEB_INF/Web.xml file :
And server.xml with ldap-settings :
Kindly have a look at the code and suggest me what else should I do to authenticate my intranet application against active directory.Thanks.