
Tomcat (Tomcat Manager) Authentication with AD ----problem

 
Lucky Pikolo
Greenhorn
Posts: 1
My problem .... (Apache Tomcat/6.0.20)

How do I configure Apache to use Active Directory for authentication?
How do I configure the Apache realm to use Active Directory for authentication through LDAP?
I configured my realm like so:

SERVER.XML

<Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"
       connectionName="CN=x,OU=xx,OU=xxx,OU=xxxx,DC=xxxxx,DC=xxxxxx,DC=xxxxxxx,DC=xxxxxxxx"
       connectionPassword="PASSWD"
       connectionURL="ldap://opAGC.rp:389"
       userBase="OU=xx,OU=xxx,OU=xxxx,DC=xxxxx,DC=xxxxxx,DC=xxxxxxx,DC=xxxxxxxx"
       userSearch="(sAMAccountName={0})"
       userSubtree="true"
       roleBase="OU=xx,OU=xxx,OU=xxxx,DC=xxxxx,DC=xxxxxx,DC=xxxxxxx,DC=xxxxxxxx"
       roleName="cn"
       roleSearch="(uniqueMember={0})"
       roleSubtree="true"
       referrals="follow"
/>

*******************************************************************************
WEB.XML (Manager TOMCAT)

<servlet>
<servlet-name>Manager</servlet-name>
<servlet-class>org.apache.catalina.manager.ManagerServlet</servlet-class>
<init-param>
<param-name>debug</param-name>
<param-value>2</param-value>
</init-param>
</servlet>
<servlet>
<servlet-name>HTMLManager</servlet-name>
<servlet-class>org.apache.catalina.manager.HTMLManagerServlet</servlet-class>
<init-param>
<param-name>debug</param-name>
<param-value>2</param-value>
</init-param>
</servlet>
<servlet>
<servlet-name>Status</servlet-name>
<servlet-class>org.apache.catalina.manager.StatusManagerServlet</servlet-class>
<init-param>
<param-name>debug</param-name>
<param-value>0</param-value>
</init-param>
</servlet>

<servlet>
<servlet-name>JMXProxy</servlet-name>
<servlet-class>org.apache.catalina.manager.JMXProxyServlet</servlet-class>
</servlet>

<!-- Define the Manager Servlet Mapping -->
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/list</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/expire</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/sessions</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/start</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/stop</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/install</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/remove</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/deploy</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/undeploy</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/reload</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/save</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/serverinfo</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/roles</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Manager</servlet-name>
<url-pattern>/resources</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Status</servlet-name>
<url-pattern>/status/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>JMXProxy</servlet-name>
<url-pattern>/jmxproxy/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>HTMLManager</servlet-name>
<url-pattern>/html/*</url-pattern>
</servlet-mapping>

<!-- Define a Security Constraint on this Application -->
<security-constraint>
<web-resource-collection>
<web-resource-name>HTMLManger and Manager command</web-resource-name>
<url-pattern>/jmxproxy/*</url-pattern>
<url-pattern>/html/*</url-pattern>
<url-pattern>/list</url-pattern>
<url-pattern>/expire</url-pattern>
<url-pattern>/sessions</url-pattern>
<url-pattern>/start</url-pattern>
<url-pattern>/stop</url-pattern>
<url-pattern>/install</url-pattern>
<url-pattern>/remove</url-pattern>
<url-pattern>/deploy</url-pattern>
<url-pattern>/undeploy</url-pattern>
<url-pattern>/reload</url-pattern>
<url-pattern>/save</url-pattern>
<url-pattern>/serverinfo</url-pattern>
<url-pattern>/status/*</url-pattern>
<url-pattern>/roles</url-pattern>
<url-pattern>/resources</url-pattern>
</web-resource-collection>
<auth-constraint>
<!-- NOTE: This role is not present in the default users file -->
<role-name>OU=xx,OU=xxx,OU=xxxx,DC=xxxxx,DC=xxxxxx,DC=xxxxxxx,DC=xxxxxxxx</role-name>
</auth-constraint>
</security-constraint>

<!-- Define the Login Configuration for this Application -->
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Tomcat Manager TEST</realm-name>
</login-config>

<!-- Security roles referenced by this web application -->
<security-role>
<description>
The role that is required to log in to the Manager Application
</description>
<role-name>OU=xx,OU=xxx,OU=xxxx,DC=xxxxx,DC=xxxxxx,DC=xxxxxxx,DC=xxxxxxxx</role-name>
</security-role>


<error-page>
<error-code>401</error-code>
<location>/401.jsp</location>
</error-page>

</web-app>

**********************************************************



but I get forwarded to an HTTP 403 error:

HTTP Status 403 - Access to the requested resource has been denied
type Status report
message Access to the requested resource has been denied
description Access to the specified resource (Access to the requested resource has been denied) has been forbidden.
Apache Tomcat/6.0.20


***************************************************************
My Active Directory Windows 2003:

sAMAccountName->
Object :CN=x,OU=xx,OU=xxx,OU=xxxx,DC=xxxxx,DC=xxxxxx,DC=xxxxxxx,DC=xxxxxxxx
Value: X


cn->
object: CN=x,OU=xx,OU=xxx,OU=xxxx,DC=xxxxx,DC=xxxxxx,DC=xxxxxxx,DC=xxxxxxxx
Value:X

**************************************************************
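
An added example (not part of the original post, and not Tomcat's own code): a small Python check that reads a JNDIRealm element and the Manager web.xml and flags three settings in the configuration above that either stop an Active Directory user from ever matching the required role (login succeeds, then 403) or send bind passwords unencrypted. The sample input is constructed from the posted settings with the DNs shortened; the function names and finding codes are made up for this example.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the posted settings with the DNs shortened.
REALM_XML = """<Realm className="org.apache.catalina.realm.JNDIRealm"
  connectionName="CN=x,OU=xx,DC=xxxxx" connectionPassword="PASSWD"
  connectionURL="ldap://opAGC.rp:389"
  userBase="OU=xx,DC=xxxxx" userSearch="(sAMAccountName={0})" userSubtree="true"
  roleBase="OU=xx,DC=xxxxx" roleName="cn" roleSearch="(uniqueMember={0})"
  roleSubtree="true" referrals="follow"/>"""
WEB_XML = """<web-app><security-constraint><auth-constraint>
  <role-name>OU=xx,DC=xxxxx</role-name>
</auth-constraint></security-constraint></web-app>"""


def local(el):
    """Tag name without any XML namespace prefix."""
    return el.tag.rsplit("}", 1)[-1]


def looks_like_dn(value):
    """True when the value is a comma-separated list of attr=value parts."""
    parts = [p.strip() for p in value.split(",")]
    return len(parts) > 1 and all("=" in p for p in parts)


def lint(realm_xml, web_xml):
    """Return (code, message) findings for a JNDIRealm/web.xml pair used with AD."""
    realm = ET.fromstring(realm_xml).attrib
    findings = []
    roles = [r.text.strip()
             for ac in ET.fromstring(web_xml).iter() if local(ac) == "auth-constraint"
             for r in ac if local(r) == "role-name" and r.text]
    for role in roles:
        # JNDIRealm role names are the values of the roleName attribute (here cn),
        # so a DN in <role-name> never matches and an authenticated user gets 403.
        if looks_like_dn(role) and realm.get("roleName", "").lower() != "distinguishedname":
            findings.append(("ROLE_IS_DN", f"role-name '{role}' is a DN, but the realm "
                             f"returns '{realm.get('roleName')}' values as role names"))
    if "uniquemember" in realm.get("roleSearch", "").lower():
        # Active Directory group objects list their members in 'member'.
        findings.append(("ROLE_FILTER", "roleSearch uses uniqueMember; AD groups use member"))
    if realm.get("connectionURL", "").lower().startswith("ldap://"):
        # Simple binds over ldap:// send passwords unencrypted.
        findings.append(("LDAP_CLEARTEXT", "connectionURL is ldap://; use ldaps://"))
    return findings


if __name__ == "__main__":
    for code, message in lint(REALM_XML, WEB_XML):
        print(code, "-", message)
```

A pair that passes all three checks uses `roleSearch="(member={0})"`, an `ldaps://` connection URL, and the group's `cn` value as the `<role-name>` in both `<auth-constraint>` and `<security-role>`.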

 
Maneesh Godbole
Saloon Keeper
Posts: 11185
Luckymam Xxx wrote:


Please check your private messages for an important administrative matter
 