· User opens Internet explorer and write the URL to the page hosted on the Tomcat server
· Tomcat asks for user authentication
· Browser prompts user for Windows user name and pwd in dialog box
· Browser sends username and pwd to tomcat· Tomcat recieves user/pwd and validate againest the Windows XP local user account.
. Windows Domain server responds 'user good'
. Tomcat considers user authenticated, send requested page to browser.
Windows XP local user mean to Right Click on - My Computer - Manage- Users & Groups.
You can define container-managed security using the security elements in your webapp's web.xml file. That will instruct Tomcat to present a login when a secured URL is accessed. Depending on the options you set that can be a pop-up window or a JSP form. For external apps, the form is preferable because the encryption options on the popup are extremely feeble. In-house it may not matter.
To authenticate the userid/password, you define a Tomcat security Realm. There's an LDAP realm that can be used to authenticate against Active Directory. A lot of people do this, and it can be tricky to get set up, especially if you're not an LDAP expert, but it only has to be done once.
This isn't an "AYHTDI" (All You Have To Do Is) sort of task. There's a fair amount of work, and it's complicated enough that I recommend you read the J2EE and Tomcat docs, because there's a limit on how much complicated stuff we can spend time explaining here. But it's worth it.
"privilege" comes from the Latin words for "private" and "law" (legal) and dates to feudal times. To "claim privilege" meant that you were above the laws that applied to the common people.
posted 10 years ago
Sorry to say but in my last post I said I need to validate with local window xp users. later on I came to know that I need to validate users with AD (Active Directory). I made changes in server.xml and create new JNDI realm.
Please find the below code for server.xml
<Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"
I am already user on R1-CORE domain so I have given my name userid & pwd for R1-Core Domain for connectionName & connectionPassword.
Please find the below code for web.xml.
<display-name>Example Security Constraint</display-name>
<!-- Define the context-relative URL(s) to be protected -->
<!-- Anyone with one of the listed roles may access this area Active-Directory-Group-Name-->
<!-- Security roles referenced by this web application -->
After that I have restarted the tomcat and hit the url http://localhost:8080/Sample/index.html. window throw popup for login. I entered username (R1-CORE\usrname) & pwd(********) and tomcat has thrown below error.
an 14, 2010 11:48:32 AM org.apache.catalina.realm.JNDIRealm authenticate
SEVERE: Exception performing authentication
javax.naming.InvalidNameException: cn=R1-CORE\usrname,DC=r1-core,DC=r1,DC=xyz,DC=net: [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C090654, comment: Error processing name, data 0, vece
After that I have restarted the tomcat and hit the url http://localhost:8080/Sample/index.html. window throw popup for login. I entered username (usrname) without domin R1-CORE & pwd(********) and tomcat has not doing any thing. I mean stop all the activity.