• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Tomcat & MS Active Directory

 
Greenhorn
Posts: 16
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi
We use tomcat 5.0.25 and want to authentication against MS Acitve Directory. In the server.xml we put the realm entry

Realm className="org.apache.catalina.realm.JNDIRealm"
debug="99"
connectionURL="ldap://serv200.wwk-group.com:389"
connectionName="CN=LDAPUser,OU=LDAP Authentifizierung,OU=Administration,DC=WWK-GROUP,DC=COM"
connectionPassword="password"
authentication="simple"
referrals="follow"
userBase="OU=WWK-ZD,DC=wwk-group,DC=com"
userSubtree="true"
userSearch="sAMAccountName={0}"
roleSubtree="true"



It look like that we can connect against MS AD. But when we want to use the tomcat manager we got an error 403 Access to the requested resource has been denied. In the log file we have follow entry:


2005-01-13 09:35:18 JNDIRealm[Catalina]: Connecting to URL ldap://serv200.wwk-group.com:389
2005-01-13 09:35:44 JNDIRealm[Catalina]: Searching for Oliver.Baum
2005-01-13 09:35:44 JNDIRealm[Catalina]: base: OU=WWK-ZD,DC=wwk-group,DC=com filter: sAMAccountName=Oliver.Baum
2005-01-13 09:35:44 JNDIRealm[Catalina]: entry found for Oliver.Baum with dn CN=BAUM\, OLIVER,OU=2870-IT-BETRIEB SYSTEMPLANUNG,OU=0524-IT-SERVICE QUALITAET,OU=0520-IT-BEREICH,OU=0400-VORSTANDSRESSORT4,OU=WWK-ZD,DC=wwk-group,DC=com
2005-01-13 09:35:44 JNDIRealm[Catalina]: validating credentials by binding as the user
2005-01-13 09:35:44 JNDIRealm[Catalina]: binding as CN=BAUM\, OLIVER,OU=2870-IT-BETRIEB SYSTEMPLANUNG,OU=0524-IT-SERVICE QUALITAET,OU=0520-IT-BEREICH,OU=0400-VORSTANDSRESSORT4,OU=WWK-ZD,DC=wwk-group,DC=com
2005-01-13 09:35:44 JNDIRealm[Catalina]: Username Oliver.Baum successfully authenticated
2005-01-13 09:35:44 JNDIRealm[Catalina]: getRoles(CN=BAUM\, OLIVER,OU=2870-IT-BETRIEB SYSTEMPLANUNG,OU=0524-IT-SERVICE QUALITAET,OU=0520-IT-BEREICH,OU=0400-VORSTANDSRESSORT4,OU=WWK-ZD,DC=wwk-group,DC=com)


Can somebody help me?

Thanks
Olly
 
Oliver Baum
Greenhorn
Posts: 16
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I fixed the error
 
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Curious....what was it ?
 
reply
    Bookmark Topic Watch Topic
  • New Topic