Sorry to say, but in my last post I said I need to validate with local Windows XP users. Later on I came to know that I need to validate users with AD (Active Directory). I made changes in server.xml and created a new JNDI realm.
Please find below the code for server.xml:
<Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"
connectionURL="ldap://servername.r1-core.r1.xyz.net:389"
connectionName="USERNAME@R1-CORE"
connectionPassword="*******"
referrals="follow"
userPattern="cn={0},DC=r1-core,DC=r1,DC=aig,DC=net"
userSearch="(sAMAccountName={0})"
userRoleName="memberOf"
userSubTree="true"
/>
Here R1-CORE is the domain.
I am already a user on the R1-CORE domain, so I have given my user ID and password for the R1-CORE domain as connectionName and connectionPassword.
Please find below the code for web.xml:
<security-constraint>
<display-name>Example Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Sample</web-resource-name>
<!-- Define the context-relative URL(s) to be protected -->
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<!-- Anyone with one of the listed roles may access this area Active-Directory-Group-Name-->
<role-name>Users</role-name>
</auth-constraint>
</security-constraint>
<!-- Default login configuration uses form-based authentication -->
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>JNDIRealm</realm-name>
</login-config>
<!-- Security roles referenced by this web application -->
<security-role>
<role-name>Users</role-name>
</security-role>
After that I restarted Tomcat and hit the URL
http://localhost:8080/Sample/index.html. A login popup appeared. I entered the username (R1-CORE\usrname) and password (********), and Tomcat threw the error below.
an 14, 2010 11:48:32 AM org.apache.catalina.realm.JNDIRealm authenticate
SEVERE: Exception performing authentication
javax.naming.InvalidNameException: cn=R1-CORE\usrname,DC=r1-core,DC=r1,DC=xyz,DC=net: [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C090654, comment: Error processing name, data 0, vece
After that I restarted Tomcat again and hit the URL
http://localhost:8080/Sample/index.html. A login popup appeared. I entered the username (usrname) without the domain R1-CORE and the password (********), and Tomcat did not do anything. I mean, all activity stopped.
Please suggest!!
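
Added example, not part of the original post and not Tomcat's own code: a small Python check showing why the DN in the exception above is rejected with LDAP error code 34 (invalid DN syntax). It assumes the realm drops the typed login name into `userPattern` unescaped, as the DN in the exception suggests; the function names are hypothetical.

```python
import re

# Pattern as it appears in the error message quoted in the post.
USER_PATTERN = "cn={0},DC=r1-core,DC=r1,DC=xyz,DC=net"

# RFC 4514: inside a DN, a backslash must be followed by one of these
# characters or by two hex digits; anything else is invalid DN syntax.
ESCAPABLE = set('"+,;<> #=\\')
HEX_PAIR = re.compile(r"[0-9A-Fa-f]{2}")


def expand_pattern(pattern, username):
    """Drop the typed login name into {0} unchanged (assumption), which
    reproduces the DN shown in the post's InvalidNameException."""
    return pattern.replace("{0}", username)


def bad_escapes(dn):
    """Return (offset, text) for every backslash sequence RFC 4514 rejects."""
    bad, i = [], 0
    while i < len(dn):
        if dn[i] != "\\":
            i += 1
        elif dn[i + 1:i + 2] and dn[i + 1] in ESCAPABLE:
            i += 2                      # backslash + special character
        elif HEX_PAIR.fullmatch(dn[i + 1:i + 3]):
            i += 3                      # backslash + two hex digits
        else:
            bad.append((i, dn[i:i + 2]))
            i += 1
    return bad


def escape_value(value):
    """Escape an attribute value for use in a DN (RFC 4514, section 2.4)."""
    out = []
    for i, ch in enumerate(value):
        edge = (i == 0 and ch in " #") or (i == len(value) - 1 and ch == " ")
        if ch == "\0":
            out.append("\\00")
        elif ch in '"+,;<>\\' or edge:
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)


if __name__ == "__main__":
    for login in ("R1-CORE\\usrname", "usrname"):  # the two attempts in the post
        dn = expand_pattern(USER_PATTERN, login)
        print(dn, "->", bad_escapes(dn) or "well-formed")
```

Escaping the backslash only makes the DN well-formed; the resulting DN still has to name an entry that exists in the directory for the bind to succeed.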