
Configuring Tomcat to authenticate using Windows Active Directory

Tags: tomcat, ldap

What is the best way to configure Tomcat 5.5 or later to authenticate users from Windows Active Directory?

santtu asked Nov 06 '08 07:11




1 Answer

From www.jspwiki.org

See: ActiveDirectoryIntegration

Try this in the server.xml with your LDAP settings:

    <Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"
           connectionURL="ldap://youradsserver:389"
           alternateURL="ldap://youradsserver:389"
           userRoleName="member"
           userBase="cn=Users,dc=yourdomain"
           userPattern="cn={0},cn=Users,dc=yourdomain"
           roleBase="cn=Users,dc=yourdomain"
           roleName="cn"
           roleSearch="(member={0})"
           roleSubtree="false"
           userSubtree="true"/>

And define the role in the tomcat-users.xml and the web.xml of your application.

Edit the webapp_root/WEB-INF/web.xml file as follows:

    <security-constraint>
      <display-name>your web app display name</display-name>
      <web-resource-collection>
        <web-resource-name>Protected Area</web-resource-name>
        <url-pattern>*.jsp</url-pattern>
        <url-pattern>*.html</url-pattern>
        <url-pattern>*.xml</url-pattern>
      </web-resource-collection>
      <auth-constraint>
        <role-name>yourrolename(ADS Group)</role-name>
      </auth-constraint>
    </security-constraint>
    <login-config>
      <auth-method>FORM</auth-method>
      <form-login-config>
        <form-login-page>/login.jsp</form-login-page>
        <form-error-page>/error.jsp</form-error-page>
      </form-login-config>
    </login-config>
    <security-role>
      <description>your role description</description>
      <role-name>yourrolename(i.e ADS group)</role-name>
    </security-role>
Blauohr answered Sep 20 '22 14:09
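
An added example, not part of the answer above and not Tomcat tooling: a small Python check that reads a JNDIRealm definition and a web.xml like the ones shown and flags ldap:// connection URLs, roles used in an auth-constraint but never declared in a security-role, and FORM/BASIC login without a CONFIDENTIAL transport guarantee. The sample XML is constructed (with a deliberately misspelled role), the function names are this example's own, and the ldap:// finding assumes a simple bind with no StartTLS.

```python
import xml.etree.ElementTree as ET

# Constructed samples modelled on the server.xml and web.xml fragments in the answer.
SERVER_XML = """<Server><Service name="Catalina"><Engine name="Catalina" defaultHost="localhost">
  <Realm className="org.apache.catalina.realm.JNDIRealm"
         connectionURL="ldap://youradsserver:389"
         alternateURL="ldap://youradsserver:389"
         userPattern="cn={0},cn=Users,dc=yourdomain"
         roleBase="cn=Users,dc=yourdomain" roleName="cn" roleSearch="(member={0})"/>
</Engine></Service></Server>"""

WEB_XML = """<web-app>
  <security-constraint>
    <web-resource-collection><web-resource-name>Protected Area</web-resource-name><url-pattern>*.jsp</url-pattern></web-resource-collection>
    <auth-constraint><role-name>yourrolname</role-name></auth-constraint>
  </security-constraint>
  <login-config><auth-method>FORM</auth-method></login-config>
  <security-role><role-name>yourrolename</role-name></security-role>
</web-app>"""

def _find(root, name):
    """All elements (root included) with this local tag name, ignoring XML namespaces."""
    return [e for e in root.iter() if e.tag.rsplit("}", 1)[-1] == name]

def _texts(root, name):
    """Stripped text of every element with this local tag name."""
    return {(e.text or "").strip() for e in _find(root, name)}

def audit(server_xml, web_xml):
    """Return a list of findings for a JNDIRealm definition plus a web.xml."""
    findings = []
    for realm in _find(ET.fromstring(server_xml), "Realm"):
        if not realm.get("className", "").endswith("JNDIRealm"):
            continue
        for attr in ("connectionURL", "alternateURL"):
            if realm.get(attr, "").lower().startswith("ldap://"):
                findings.append(f"{attr}: ldap:// is not TLS-protected, passwords cross the network in clear")
    web = ET.fromstring(web_xml)
    declared = set().union(*(_texts(sr, "role-name") for sr in _find(web, "security-role")))
    required = set().union(*(_texts(ac, "role-name") for ac in _find(web, "auth-constraint")))
    for role in sorted(required - declared - {"*"}):
        findings.append(f"role-name '{role}' is used in auth-constraint but not declared in security-role")
    if _texts(web, "auth-method") & {"FORM", "BASIC"} and "CONFIDENTIAL" not in _texts(web, "transport-guarantee"):
        findings.append("FORM/BASIC login without transport-guarantee CONFIDENTIAL")
    return findings

if __name__ == "__main__":
    for finding in audit(SERVER_XML, WEB_XML):
        print("-", finding)
```

Pointing both URLs at ldaps:// on the directory's TLS port, making the two role names match, and adding a user-data-constraint with transport-guarantee CONFIDENTIAL to the security-constraint clears all four findings.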