RE: LDAP Authentication with Tomcat 4.1.3
Is having two OU entries OK?
Best Wishes
John Burgess
[EMAIL PROTECTED]
Tel: 01865 718666
Fax: 01865 718600
-Original Message-
From: Josh Fenlason [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, June 11, 2002 9:12 PM
To: Tomcat
Subject: LDAP Authentication with Tomcat 4.1.3
I'm trying to do LDAP Authentication in Tomcat 4.1.3. I found some a couple
of links that said to use LDAPRealm in Tomcat's server.xml, but I still
haven't had any luck. Has anyone else been able to get this to work? Here
are the two Realm elements that I've tried in server.xml. Any help would be
greatly appreciated. Thanks.
,
Josh.
Realm className=com.peacetech.webtools.tomcat.LdapRealmCatalina
debug=1
directoryUrl = ldap://corvette.mn.ptc.com:389;
searchBindDN = ou-jfenlason_r62DC,ou=jfenlason,l=Arden Hills,o=Bethel
searchBindCredentials = mypassword
searchBaseContext = o=PTC
searchFilter = cn={0}
searchScopeAsString = sub
securityAttributes = securityEquals
attributesReadByOwner = true
connectionMaxPoolSize = 10
ldapVersion = 3 /
Realm className=org.apache.catalina.realm.LDAPRealm
ldapContextFactory=com.sun.jndi.ldap.LdapCtxFactory
ldapServer=ldap.corvette.mn.com
ldapPort=389
ldapDN=cn=%u,ou=jfenlason_r62DC,ou=jfenlason,l=Arden Hills,o=Bethel
ldapGroupContext=ou=jfenlason_r62DC,ou=jfenlason,l=Arden
Hills,o=Bethel
ldapGroupFilter=(amp;(uniquemember=%dn)(objectclass=groupOfUniqueNames))
ldapRoleAttribute=cn
debug=99 /
--
To unsubscribe, e-mail:
mailto:[EMAIL PROTECTED]
For additional commands, e-mail:
mailto:[EMAIL PROTECTED]
---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.365 / Virus Database: 202 - Release Date: 24/05/02
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.365 / Virus Database: 202 - Release Date: 24/05/02
--
To unsubscribe, e-mail: mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: LDAP Authentication with Tomcat 4.1.3
I used to use Apache1.3.24 and Tomcat 3.2 and I did the ldap authentication
from Apache with two ou entries. Now I'm moving to Apache2 but the ldap
authentication modules don't seem to work, so I need to get Tomcat to do the
ldap authentication. If anyone could give me a pointer, I would greatly
appreciate it. Thanks in advance.
,
Josh.
-Original Message-
From: John Burgess [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, June 12, 2002 4:21 AM
To: Tomcat Users List
Subject: RE: LDAP Authentication with Tomcat 4.1.3
Is having two OU entries OK?
Best Wishes
John Burgess
[EMAIL PROTECTED]
Tel: 01865 718666
Fax: 01865 718600
-Original Message-
From: Josh Fenlason [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, June 11, 2002 9:12 PM
To: Tomcat
Subject: LDAP Authentication with Tomcat 4.1.3
I'm trying to do LDAP Authentication in Tomcat 4.1.3. I found some a couple
of links that said to use LDAPRealm in Tomcat's server.xml, but I still
haven't had any luck. Has anyone else been able to get this to work? Here
are the two Realm elements that I've tried in server.xml. Any help would be
greatly appreciated. Thanks.
,
Josh.
Realm className=com.peacetech.webtools.tomcat.LdapRealmCatalina
debug=1
directoryUrl = ldap://corvette.mn.ptc.com:389;
searchBindDN = ou-jfenlason_r62DC,ou=jfenlason,l=Arden Hills,o=Bethel
searchBindCredentials = mypassword
searchBaseContext = o=PTC
searchFilter = cn={0}
searchScopeAsString = sub
securityAttributes = securityEquals
attributesReadByOwner = true
connectionMaxPoolSize = 10
ldapVersion = 3 /
Realm className=org.apache.catalina.realm.LDAPRealm
ldapContextFactory=com.sun.jndi.ldap.LdapCtxFactory
ldapServer=ldap.corvette.mn.com
ldapPort=389
ldapDN=cn=%u,ou=jfenlason_r62DC,ou=jfenlason,l=Arden Hills,o=Bethel
ldapGroupContext=ou=jfenlason_r62DC,ou=jfenlason,l=Arden
Hills,o=Bethel
ldapGroupFilter=(amp;(uniquemember=%dn)(objectclass=groupOfUniqueNames))
ldapRoleAttribute=cn
debug=99 /
--
To unsubscribe, e-mail:
mailto:[EMAIL PROTECTED]
For additional commands, e-mail:
mailto:[EMAIL PROTECTED]
---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.365 / Virus Database: 202 - Release Date: 24/05/02
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.365 / Virus Database: 202 - Release Date: 24/05/02
--
To unsubscribe, e-mail:
mailto:[EMAIL PROTECTED]
For additional commands, e-mail:
mailto:[EMAIL PROTECTED]
--
To unsubscribe, e-mail: mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: LDAP Authentication with Tomcat 4.1.3
Have a look at these links. There is some new functionality in Tomcat 4.1
that isn't mentioned in the main end-user document yet that is in the second
link. Namely, how to get it to bind as a user to do the authentication
rather than querying for a password and comparing it.
http://jakarta.apache.org/tomcat/tomcat-4.1-doc/realm-howto.html#JNDIRealm
http://jakarta.apache.org/tomcat/tomcat-4.1-doc/catalina/docs/api/index.html
Jon
- Original Message -
From: Josh Fenlason [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Sent: Wednesday, June 12, 2002 8:28 AM
Subject: RE: LDAP Authentication with Tomcat 4.1.3
I used to use Apache1.3.24 and Tomcat 3.2 and I did the ldap
authentication
from Apache with two ou entries. Now I'm moving to Apache2 but the ldap
authentication modules don't seem to work, so I need to get Tomcat to do
the
ldap authentication. If anyone could give me a pointer, I would greatly
appreciate it. Thanks in advance.
,
Josh.
-Original Message-
From: John Burgess [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, June 12, 2002 4:21 AM
To: Tomcat Users List
Subject: RE: LDAP Authentication with Tomcat 4.1.3
Is having two OU entries OK?
Best Wishes
John Burgess
[EMAIL PROTECTED]
Tel: 01865 718666
Fax: 01865 718600
-Original Message-
From: Josh Fenlason [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, June 11, 2002 9:12 PM
To: Tomcat
Subject: LDAP Authentication with Tomcat 4.1.3
I'm trying to do LDAP Authentication in Tomcat 4.1.3. I found some a
couple
of links that said to use LDAPRealm in Tomcat's server.xml, but I still
haven't had any luck. Has anyone else been able to get this to work?
Here
are the two Realm elements that I've tried in server.xml. Any help would
be
greatly appreciated. Thanks.
,
Josh.
Realm className=com.peacetech.webtools.tomcat.LdapRealmCatalina
debug=1
directoryUrl = ldap://corvette.mn.ptc.com:389;
searchBindDN = ou-jfenlason_r62DC,ou=jfenlason,l=Arden
Hills,o=Bethel
searchBindCredentials = mypassword
searchBaseContext = o=PTC
searchFilter = cn={0}
searchScopeAsString = sub
securityAttributes = securityEquals
attributesReadByOwner = true
connectionMaxPoolSize = 10
ldapVersion = 3 /
Realm className=org.apache.catalina.realm.LDAPRealm
ldapContextFactory=com.sun.jndi.ldap.LdapCtxFactory
ldapServer=ldap.corvette.mn.com
ldapPort=389
ldapDN=cn=%u,ou=jfenlason_r62DC,ou=jfenlason,l=Arden Hills,o=Bethel
ldapGroupContext=ou=jfenlason_r62DC,ou=jfenlason,l=Arden
Hills,o=Bethel
ldapGroupFilter=(amp;(uniquemember=%dn)(objectclass=groupOfUniqueNames))
ldapRoleAttribute=cn
debug=99 /
--
To unsubscribe, e-mail:
mailto:[EMAIL PROTECTED]
For additional commands, e-mail:
mailto:[EMAIL PROTECTED]
---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.365 / Virus Database: 202 - Release Date: 24/05/02
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.365 / Virus Database: 202 - Release Date: 24/05/02
--
To unsubscribe, e-mail:
mailto:[EMAIL PROTECTED]
For additional commands, e-mail:
mailto:[EMAIL PROTECTED]
--
To unsubscribe, e-mail:
mailto:[EMAIL PROTECTED]
For additional commands, e-mail:
mailto:[EMAIL PROTECTED]
--
To unsubscribe, e-mail: mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]
LDAP Authentication with Tomcat 4.1.3
I'm trying to do LDAP Authentication in Tomcat 4.1.3. I found some a couple
of links that said to use LDAPRealm in Tomcat's server.xml, but I still
haven't had any luck. Has anyone else been able to get this to work? Here
are the two Realm elements that I've tried in server.xml. Any help would be
greatly appreciated. Thanks.
,
Josh.
Realm className=com.peacetech.webtools.tomcat.LdapRealmCatalina
debug=1
directoryUrl = ldap://corvette.mn.ptc.com:389;
searchBindDN = ou-jfenlason_r62DC,ou=jfenlason,l=Arden Hills,o=Bethel
searchBindCredentials = mypassword
searchBaseContext = o=PTC
searchFilter = cn={0}
searchScopeAsString = sub
securityAttributes = securityEquals
attributesReadByOwner = true
connectionMaxPoolSize = 10
ldapVersion = 3 /
Realm className=org.apache.catalina.realm.LDAPRealm
ldapContextFactory=com.sun.jndi.ldap.LdapCtxFactory
ldapServer=ldap.corvette.mn.com
ldapPort=389
ldapDN=cn=%u,ou=jfenlason_r62DC,ou=jfenlason,l=Arden Hills,o=Bethel
ldapGroupContext=ou=jfenlason_r62DC,ou=jfenlason,l=Arden
Hills,o=Bethel
ldapGroupFilter=(amp;(uniquemember=%dn)(objectclass=groupOfUniqueNames))
ldapRoleAttribute=cn
debug=99 /
--
To unsubscribe, e-mail: mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: ldap authentication with tomcat
Depending on your requirements you may want to create a auth servlet that authenticates users to ldap server using for ex netscape's ldapjdk package or JDNI classes, and then keep users login in the session object. All you protected servlets/jsps should assert the session checking if user's info is in the session. Another option: to use JNDIRealm, but I can't advise on this b/c I never used it. - Boris Hi, I am new to the subject: How can I enforce ldap authentication for certain resources using tomcat - similar to the Directory toProtectResourcePath Options FollowSymLinks AllowOverride None AuthType Basic AuthName Authentication AuthLDAPURL ldap://ldapUrl require valid-user /Directory for apache in order to be able to get user information via e.g. getRemoteUser() etc. ? And by the way: Where is a valuable description of the configuration with server.xml and web.xml? Thanks. Astrid
ldap authentication with tomcat
Hi, I am new to the subject: How can I enforce ldap authentication for certain resources using tomcat - similar to the Directory toProtectResourcePath Options FollowSymLinks AllowOverride None AuthType Basic AuthName Authentication AuthLDAPURL ldap://ldapUrl require valid-user /Directory for apache in order to be able to get user information via e.g. getRemoteUser() etc. ? And by the way: Where is a valuable description of the configuration with server.xml and web.xml? Thanks. Astrid
Re: ldap authentication with tomcat
I think JNDIRealm will do this. However, it seems to be a pretty newly added feature and as far as I can tell, it isn't documented very well. I've been wondering the same thing. If you figure it out, please let me know. You might want to do a search of the mail list archives. I saw a few messages about it in there. However, it looked like it was about a 3rd party add-on that did it. I'm pretty sure the functionality now exists in it natively. I think it's configured similar to JDBCRealm in server.xml. So, I've been thinking that I might try to figure that out first, since, it seems to be better documented. Jon - Original Message - From: Astrid Wagner [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, August 22, 2001 6:04 AM Subject: ldap authentication with tomcat Hi, I am new to the subject: How can I enforce ldap authentication for certain resources using tomcat - similar to the Directory toProtectResourcePath Options FollowSymLinks AllowOverride None AuthType Basic AuthName Authentication AuthLDAPURL ldap://ldapUrl require valid-user /Directory for apache in order to be able to get user information via e.g. getRemoteUser() etc. ? And by the way: Where is a valuable description of the configuration with server.xml and web.xml? Thanks. Astrid
