wood burning stoves 2.0*
The moose likes Websphere and the fly likes How to secure web resources by using MS Active Directory as LDAP Server? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Websphere
Bookmark "How to secure web resources by using MS Active Directory as LDAP Server?" Watch "How to secure web resources by using MS Active Directory as LDAP Server?" New topic
Author

How to secure web resources by using MS Active Directory as LDAP Server?

cb poo
Ranch Hand

Joined: Oct 02, 2002
Posts: 67
Guys,
I would like to secure my web application so that only authenticated user can access my pages.
Which authentication method should I used? Form based or Basic?
My WAS4.0 will be using MS Active Directory as its LDAP Server. When user login in to their PC using the login name that exist in Active Directory, then they would allow to access my web pages without prompt them to key in password. If they are login to their pc with the Login Name not in Active Directory, there should prompt out message box and ask user to key in user name and password in order to access the page.
Anyone knows how to do that?
Kyle Brown
author
Ranch Hand

Joined: Aug 10, 2001
Posts: 3892
    
    5
cbpoo.
First CHANGE YOUR NAME. Your name is in violation of the Javaranch Naming Policy. You've been asked to do this before, and many of us feel that if you're not willing to live with the rules of the Javaranch that we don't feel the need to answer your questions.
Second, this is covered quite well in the InfoCenter (look up section 5 on security) and in the WAS 4.0 Security Handbook redbook. I would suggest you start looking in both the InfoCenter and in the redbooks site before you post very open-ended questions like this. Remember that Javaranch is run by volunteers and that you should do your part in making an effort to find an answer to a question before asking someone to help you.
Finally, both links above assume you are using WAS AE (You did not specify which version you were using). If you are using WAS AEs, then the InfoCenter can be found here.


Kyle Brown, Author of Persistence in the Enterprise and Enterprise Java Programming with IBM Websphere, 2nd Edition
See my homepage at http://www.kyle-brown.com/ for other WebSphere information.
cb poo
Ranch Hand

Joined: Oct 02, 2002
Posts: 67
Sorry, I didn't realize that my name violate the rules. Already update my profile.
Actually I did try to do it. I also had read the Infocenter for security chapter(section 5) and WebSphere handbook and websphere security hand book. But it doesn't work.
According to the infocenter, to secure web resource, security can be apply as Global or to different application.
I configured the Global security by setting Security Center in my WAS AE 4.0 to connect to Active Directory. After restart WAS AE 4.0, the next time it prompt for the password before I allow to bring up the WAS AE Administrative Console. I successfully go into WAS AE Admin Console.
But when I tried to access the web page in the WAS AE that I had installed. It seem like no authentication take place. I still can access the page even if my login not in Active Directory.
Need help...
 
jQuery in Action, 2nd edition
 
subject: How to secure web resources by using MS Active Directory as LDAP Server?
 
Similar Threads
after JNDI realm Authentication, need further specificity on authentication
WAS 4.0.1 AE authentication success but fail to retrieve user
LDAP / Active Directory Integration
apache/httpd using OS passwords?
Problems setting up JForum with LDAP