This week's book giveaway is in the Big Data forum.
We're giving away four copies of Elasticsearch in Action and have Radu Gheorghe & Matthew Lee Hinman on-line!
See this thread for details.
The moose likes Tomcat and the fly likes Tomcat Authentication with Directory Server Roles Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Elasticsearch in Action this week in the Big Data forum!
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Tomcat Authentication with Directory Server Roles" Watch "Tomcat Authentication with Directory Server Roles" New topic
Author

Tomcat Authentication with Directory Server Roles

Joe Ess
Bartender

Joined: Oct 29, 2001
Posts: 9048
    
    9

I can authenticate Tomcat users against a Sun One Directory Server using groups. I configure my realm like so:

and it works fine.

Unfortunately, the powers that be use Roles instead of Groups and I can't get authentication against Roles to work. Roles are represented as virtual attributes of a user as opposed to groups which contain uniquemember records (LDIF with some attributes snipped):



Now I configure my Tomcat server like so:


Authentication appears to work according to the Tomcat log:


but I get forwarded to an HTTP 403 error. This indicates to me that the user's roles are not being found. Can anyone point me in the right direction?


[How To Ask Questions On JavaRanch]
Joe Ess
Bartender

Joined: Oct 29, 2001
Posts: 9048
    
    9

I haven't found a solution to this problem.
Instead, the powers that be have created a tree for my users and I'm free to use groups.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Tomcat Authentication with Directory Server Roles