
My problem: Tomcat (Tomcat Manager) authentication with AD (Apache Tomcat/6.0.20)

How do I configure Apache to use Active Directory for authentication? How do I configure the Apache realm to use Active Directory for authentication through LDAP? I configure my realm like so:

SERVER.XML

<Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"
       connectionName="CN=x,OU=xx,OU=xxx,OU=xxxx,DC=xxxxx,DC=xxxxxx,DC=xxxxxxx,DC=xxxxxxxx"
       connectionPassword="PASSWD"
       connectionURL="ldap://opAGC.rp:389"
       userBase="OU=xx,OU=xxx,OU=xxxx,DC=xxxxx,DC=xxxxxx,DC=xxxxxxx,DC=xxxxxxxx"
       userSearch="(sAMAccountName={0})"
       userSubtree="true"
       roleBase="OU=xx,OU=xxx,OU=xxxx,DC=xxxxx,DC=xxxxxx,DC=xxxxxxx,DC=xxxxxxxx"
       roleName="cn"
       roleSearch="(uniqueMember={0})"
       roleSubtree="true"
       referrals="follow"
/>

WEB.XML (Manager TOMCAT)

  <servlet>
    <servlet-name>Manager</servlet-name>
    <servlet-class>org.apache.catalina.manager.ManagerServlet</servlet-class>
    <init-param>
      <param-name>debug</param-name>
      <param-value>2</param-value>
    </init-param>
  </servlet>
  <servlet>
    <servlet-name>HTMLManager</servlet-name>
    <servlet-class>org.apache.catalina.manager.HTMLManagerServlet</servlet-class>
    <init-param>
      <param-name>debug</param-name>
      <param-value>2</param-value>
    </init-param>
  </servlet>
  <servlet>
    <servlet-name>Status</servlet-name>
    <servlet-class>org.apache.catalina.manager.StatusManagerServlet</servlet-class>
    <init-param>
      <param-name>debug</param-name>
      <param-value>0</param-value>
    </init-param>
  </servlet>

  <servlet>
    <servlet-name>JMXProxy</servlet-name>
    <servlet-class>org.apache.catalina.manager.JMXProxyServlet</servlet-class>
  </servlet>

  <!-- Define the Manager Servlet Mapping -->
  <servlet-mapping> <servlet-name>Manager</servlet-name> <url-pattern>/list</url-pattern> </servlet-mapping>
  <servlet-mapping> <servlet-name>Manager</servlet-name> <url-pattern>/expire</url-pattern> </servlet-mapping>
  <servlet-mapping> <servlet-name>Manager</servlet-name> <url-pattern>/sessions</url-pattern> </servlet-mapping>
  <servlet-mapping> <servlet-name>Manager</servlet-name> <url-pattern>/start</url-pattern> </servlet-mapping>
  <servlet-mapping> <servlet-name>Manager</servlet-name> <url-pattern>/stop</url-pattern> </servlet-mapping>
  <servlet-mapping> <servlet-name>Manager</servlet-name> <url-pattern>/install</url-pattern> </servlet-mapping>
  <servlet-mapping> <servlet-name>Manager</servlet-name> <url-pattern>/remove</url-pattern> </servlet-mapping>
  <servlet-mapping> <servlet-name>Manager</servlet-name> <url-pattern>/deploy</url-pattern> </servlet-mapping>
  <servlet-mapping> <servlet-name>Manager</servlet-name> <url-pattern>/undeploy</url-pattern> </servlet-mapping>
  <servlet-mapping> <servlet-name>Manager</servlet-name> <url-pattern>/reload</url-pattern> </servlet-mapping>
  <servlet-mapping> <servlet-name>Manager</servlet-name> <url-pattern>/save</url-pattern> </servlet-mapping>
  <servlet-mapping> <servlet-name>Manager</servlet-name> <url-pattern>/serverinfo</url-pattern> </servlet-mapping>
  <servlet-mapping> <servlet-name>Manager</servlet-name> <url-pattern>/roles</url-pattern> </servlet-mapping>
  <servlet-mapping> <servlet-name>Manager</servlet-name> <url-pattern>/resources</url-pattern> </servlet-mapping>
  <servlet-mapping> <servlet-name>Status</servlet-name> <url-pattern>/status/*</url-pattern> </servlet-mapping>
  <servlet-mapping> <servlet-name>JMXProxy</servlet-name> <url-pattern>/jmxproxy/*</url-pattern> </servlet-mapping>
  <servlet-mapping> <servlet-name>HTMLManager</servlet-name> <url-pattern>/html/*</url-pattern> </servlet-mapping>

  <!-- Define a Security Constraint on this Application -->
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>HTMLManger and Manager command</web-resource-name>
      <url-pattern>/jmxproxy/*</url-pattern>
      <url-pattern>/html/*</url-pattern>
      <url-pattern>/list</url-pattern>
      <url-pattern>/expire</url-pattern>
      <url-pattern>/sessions</url-pattern>
      <url-pattern>/start</url-pattern>
      <url-pattern>/stop</url-pattern>
      <url-pattern>/install</url-pattern>
      <url-pattern>/remove</url-pattern>
      <url-pattern>/deploy</url-pattern>
      <url-pattern>/undeploy</url-pattern>
      <url-pattern>/reload</url-pattern>
      <url-pattern>/save</url-pattern>
      <url-pattern>/serverinfo</url-pattern>
      <url-pattern>/status/*</url-pattern>
      <url-pattern>/roles</url-pattern>
      <url-pattern>/resources</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <!-- NOTE: This role is not present in the default users file -->
      <role-name>OU=xx,OU=xxx,OU=xxxx,DC=xxxxx,DC=xxxxxx,DC=xxxxxxx,DC=xxxxxxxx</role-name>
    </auth-constraint>
  </security-constraint>

  <!-- Define the Login Configuration for this Application -->
  <login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>Tomcat Manager TEST</realm-name>
  </login-config>

  <!-- Security roles referenced by this web application -->
  <security-role>
    <description>
      The role that is required to log in to the Manager Application
    </description>
    <role-name>OU=xx,OU=xxx,OU=xxxx,DC=xxxxx,DC=xxxxxx,DC=xxxxxxx,DC=xxxxxxxx</role-name>
  </security-role>

  <error-page>
    <error-code>401</error-code>
    <location>/401.jsp</location>
  </error-page>

</web-app>

but I get forwarded to an HTTP 403 error:

HTTP Status 403 - Access to the requested resource has been denied
type Status report
message Access to the requested resource has been denied
description Access to the specified resource (Access to the requested resource has been denied) has been forbidden.
Apache Tomcat/6.0.20

My Active Directory (Windows 2003):

sAMAccountName-> Object :CN=x,OU=xx,OU=xxx,OU=xxxx,DC=xxxxx,DC=xxxxxx,DC=xxxxxxx,DC=xxxxxxxx Value: X

This particular version was published on 30-Jul-2009 13:54 by 212.160.172.70.