JSP and Active Directory Integration

Hi,

I am using Tomcat 5.5. I need to enable Windows authentication such that when user hits the login.jsp, his credential should be checked against Active Directory domain and move forward to next page,if success. I have already update conf/server.xml and web.xml of my application with some help available on net. Kindly provide some idea.

Thanks,
Shobhit
SCJP 5.0

Welcome to the JavaRanch, Shobhit. Active Directory is an LDAP server, so look at the Tomcat docs that have to do with setting up an LDAP-based security realm. You will also find a lot of stuff on that subject if you use Google.

In order for the Realm to properly control the webapp, the webapp has to have been written to use container-based security and have the appropriate security definitions added to the webapp's web.xml file. They're what determine how the different URLs passed to the webapp are guarded by the security Realm, what the login and loin failure pages are, and what security roles will be applied.

Thanks Tim . I read tomcat docs and tried many things but still its not working as it should be. Here is my webapp_root/WEB_INF/Web.xml file :
<security-constraint> <display-name>your web app display name</display-name> <web-resource-collection> <web-resource-name>Protected Area</web-resource-name> <url-pattern>*.jsp</url-pattern> <url-pattern>*.html</url-pattern> <url-pattern>*.xml</url-pattern> </web-resource-collection> <auth-constraint> <role-name>CORP</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>FORM</auth-method> <form-login-config> <form-login-page>/login.jsp</form-login-page> <form-error-page>/error.jsp</form-error-page> </form-login-config> </login-config> <security-role> <description></description> <role-name>CORP</role-name> </security-role>


And server.xml with ldap-settings :
<Realm className="org.apache.catalina.realm.JNDIRealm" debug="99" connectionURL="ldap://corp.mycompany.com:389" alternateURL="ldap://corp.mycompany.com:389" userRoleName="member" userBase="cn=Employees,dc=corp,dc=mycompany,dc=com" userPattern="cn={0},cn=Employees,dc=corp,dc=mycompany,dc=com" roleBase="cn=Employees,dc=corp,dc=mycompany,dc=com" roleName="CORP" roleSearch="(member={0})" roleSubtree="true" userSubtree="true" />


Kindly have a look at the code and suggest me what else should I do to authenticate my intranet application against active directory.Thanks.

roleName is supposed to be the name of an AD entry attribute that holds a role value. You've hard-coded a role value where its name should have been.

Thanks Tim for your efforts.
I got the solution by following instruction of this nice tutorial(video presentation) http://alextch.members.winisp.net/TomcatAndAD/TomcatAndAD.html