Has any of you managed to configure tomcat JNDIRealm to talk to Active
Directory?
I'm having a hard time setting it up and my wild guess is that the
JNDIRealm does not support SASL mechanism.
Here's my config:
Realm className=org.apache.catalina.realm.JNDIRealm debug=99
connectionURL
]
Sent: Thursday, August 11, 2005 8:17 AM
To: Tomcat Users List
Subject: tomcat and active directory
Has any of you managed to configure tomcat JNDIRealm to talk to Active
Directory?
I'm having a hard time setting it up and my wild guess is that the
JNDIRealm does not support SASL
]
Sent: Thursday, August 11, 2005 5:27 PM
To: 'Tomcat Users List'
Subject: RE: tomcat and active directory
It looks like you are configured for anonymous bind.
By default, the AD LDAP implementation does not allow
anonymous bind. You have two ways of handling this:
1. Configure your AD
software.
George Sexton
MH Software, Inc.
http://www.mhsoftware.com/
Voice: 303 438 9585
-Original Message-
From: Michal Kwiatek [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 11, 2005 9:30 AM
To: Tomcat Users List
Subject: RE: tomcat and active directory
I have just seen
, July 19, 2005 6:23 PM
To: tomcat-user@jakarta.apache.org
Subject: Tomcat JNDI Realm + Active Directory Server
I had a hard time trying to configure Tomcat to authenticate with MS
Active Directory Service, i tried a lot of samples, i edited them but i
didn't get nothing. This is the last
I had a hard time trying to configure Tomcat to authenticate with MS
Active Directory Service, i tried a lot of samples, i edited them but i
didn't get nothing. This is the last configuration i tried:
/META-INF/context-xml:
?xml version=1.0 encoding=UTF-8?
Context path=/moretests
Realm
Hi!
Is there anyone out there who would like to figure out what I am doing wrong
when trying to create a realm in Tomcat that is supposed to authenitcate
users over JNDI against an Active Directory server.
In my server.xml I have the following
Realm className=org.apache.catalina.realm.JNDIRealm
On Fri, Oct 15, 2004 at 08:18:56AM +0200, Roland Carlsson wrote:
: Is there anyone out there who would like to figure out what I am doing wrong
: when trying to create a realm in Tomcat that is supposed to authenitcate
: users over JNDI against an Active Directory server.
Why not try
:
: Is there anyone out there who would like to figure out what I am doing wrong
: when trying to create a realm in Tomcat that is supposed to authenitcate
: users over JNDI against an Active Directory server.
Why not try this: authenticate against AD using something other than
Tomcat. It's easier
) {
System.out.println( Error: + e.toString() );
}
return;
}
}
--- END GetAuthenticated.java ---
-Original Message-
From: Roland Carlsson [mailto:[EMAIL PROTECTED]
Sent: Friday, October 15, 2004 10:49 AM
To: TomcatUsers
Subject: Sv: Tomcat, JNDI, Active Directory
Hi all
I have a need to validate users that may exist in one of 4 Active Directory
Domains for a web-app running on Tomcat 5.x/Apache 2.x.
What's the best way to accomplish this?
I have read the following thread --
http://www.mail-archive.com/[EMAIL PROTECTED]/msg130900.html
which
I had to roll my own Realm loosely based on JNDIRealm. Working with Active
Directory, especially the way it was deploy, was so painful that regressed
most of the details.
I am guessing you have 4 different domains under and more generic domain. For
example:
ad.funkman.net
-
From: Tim Funk [mailto:[EMAIL PROTECTED]
Sent: Wednesday, September 15, 2004 1:24 PM
To: Tomcat Users List
Subject: Re: Tomcat and Active Directory/LDAP (Multiple Domains) (LDAP
Newbie)
I had to roll my own Realm loosely based on JNDIRealm. Working with Active
Directory, especially the way
PROTECTED]
Sent: Wednesday, September 15, 2004 1:24 PM
To: Tomcat Users List
Subject: Re: Tomcat and Active Directory/LDAP (Multiple Domains) (LDAP
Newbie)
I had to roll my own Realm loosely based on JNDIRealm. Working with Active
Directory, especially the way it was deploy, was so painful
I'm trying configure one JNDIRealm asking to one Windows 2000 Active
Directory. In the examples in the web of jakarta I have seen examples over
openLdap. Can you help me in the configuration over Windows2000 AD. Has
somebody a production system or wep application using JNDIRealm vs Active
I am trying to authenticate web users against an active directory
instance, but for some reason the configuration that worked in tomcat 4.1
is not working in tomcat 5.0.18
Here is the message that I get from the realm authentication with
debugging turned on:
2004-02-04 16:10:20 JNDIRealm[/lts
]
Subject: RE: Tomcat and Active Directory / 2003
This is my realm setup in my server.xml config
Realm className=org.apache.catalina.realm.JNDIRealm
debug=99
connectionURL=ldap://[domain controller]:389
userBase=OU=Users,OU=Shawmut,DC
I'm also trying to authenticate to AD from Tomcat. I'm having some struggles.
---
Search the archives of the list, there are some good success stories.
BTW, all examples are using LDAP as a method of interaction with AD. Is anybody
considering Kerberos5 (GSS-API)?
I do realize Tomcat doesn't
Hi All,
I've been trying for several weeks to compile
information on Tomcat and Active Directory through
LDAP. I can't quite get all the information I need and
I am hoping someone has a link to what needs to be
done. I want to use the Realms in Tomcat but I can't
seem to connect properly
=***
userPattern=cn={0},dc=vacationsonly,dc=net /
--- Matt Fury [EMAIL PROTECTED] wrote:
Hi All,
I've been trying for several weeks to compile
information on Tomcat and Active Directory through
LDAP. I can't quite get all the information I need
and
I am hoping someone has a link
information on Tomcat and Active Directory through
LDAP. I can't quite get all the information I need
and
I am hoping someone has a link to what needs to be
done. I want to use the Realms in Tomcat but I can't
seem to connect properly. For some reason it seems
to
keep trying
:
Hi All,
I've been trying for several weeks to compile
information on Tomcat and Active Directory
through
LDAP. I can't quite get all the information I
need
and
I am hoping someone has a link to what needs to
be
done. I want to use the Realms in Tomcat but I
can't
seem
and Active Directory / 2003
Hey Thanks for the reply.
Tried all those to no avail. :-/ I did see the Tomcat
realm how-to but I was wondering if there were issues
because it is Micro$oft we're trying to connect to and
its 2003. Who knows, their standard ldap may not be
standard.
-Matt
--- Yann
| Tim mentioned the use of the JCIFS library. I don't think that'd work
| either since it'd need to run on the same machine as the browser, which
| doesn't seem right. Or perhaps I'm missing something. Now if Tomcat
| supported Windows SSO using JCIFS, then that's a different story. I
| don't
-Original Message-
From: Endre Stølsvik [mailto:[EMAIL PROTECTED]
Sent: Wednesday, September 10, 2003 3:45 AM
To: Tomcat Users List
Subject: Re: Active Directory Single Sign-On
| Tim mentioned the use of the JCIFS library. I don't think
that'd work
| either since it'd need
..
Any thoughts, suggestions, comments?
Cheers
Russ
-Original Message-
From: Allen Hadden [mailto:[EMAIL PROTECTED]
Sent: Wednesday, September 10, 2003 6:36 AM
To: Tomcat Users List
Subject: RE: Active Directory Single Sign-On
-Original Message-
From: Endre Stølsvik
If you are using IIS, IIS can propogate the REMOTE_USER variable for you so
that authentication is already done.
As for authorization, there is a Valve called NonLoginAuthenticator
Kerberos (Active Directory, MIT, Heimdal) and let clients
authenticate to the Kerberos (Win2k and WinXP do this when you login to ADS)
and then let Kerberos do it's stuff. That way, once a user logs onto ADS,
he/she will have a complete SSO - File Sharing, Web (IIS, Apache, Tomcat),
any other ADS service
I am trying to use the JNDI realm to access our Active Directory. The
server.xml entry I have is:
Realm className=org.apache.catalina.realm.JNDIRealm debug=99
connectionURL=ldap://ou=migrated users,ou=nmr,dc=enterprisenet,dc=org
userBase=cn=Users,dc=enterprisenet,dc=org
There's just been a similar question answered. The URL to your Active
Directory appears to be wrong - after all I'm guessing that Active Directory
is not running on your development system. Change the URL to:
ldap://server.name:389/ou=migrated users...
and you might have some success
be able to enter that url in the browser and get
something meaningful?
Thanks again.
-Original Message-
From: Christopher Williams [mailto:[EMAIL PROTECTED]
Sent: Tuesday, September 09, 2003 10:55 AM
To: Tomcat Users List
Subject: Re: Tomcat and Active Directory
There's just been a similar
and Active Directory
Thanks for your response. I have changed the url to the following:
connectionURL=ldap://nmr001dundom01:636/ou=migrated
users,ou=nmr,dc=enterprisenet,dc=org
Our admin said to use port 636.
However, I still get the same error saying it can't connect to
localhost:389
: Christopher Williams [mailto:[EMAIL PROTECTED]
Sent: Tuesday, September 09, 2003 11:41 AM
To: Tomcat Users List
Subject: Re: Tomcat and Active Directory
You won't get an intelligent response if you enter your LDAP URL into a web
browser, but many email clients are LDAP-compatible (e.g. Outlook Express
So maybe it is just my lack of understanding of Active Directory(working
for Novell, I'm prejudiced towards Novell eDirectory, of course), but
usually in my connectionURL, I put something of the form,
ldap://myhost:636; Changing that to ldaps usually doesn't work for
me, and the whole /ou
]
Sent: Tuesday, September 09, 2003 2:22 PM
To: [EMAIL PROTECTED]
Subject: Re: Tomcat and Active Directory
So maybe it is just my lack of understanding of Active Directory(working
for Novell, I'm prejudiced towards Novell eDirectory, of course), but
usually in my connectionURL, I put something
Hey All-
Finally Finally, Finally, I figured out how to authenticate to Active
Directory...(code below minus the login form).now to go further,
I would like to implement Single Sign-On.somehow we would need to
retrieve the user's name and password off their NT machine and use them
I think you are looking for NTLM authentication which was done by the samba
folks. See http://jcifs.samba.org/
-Tim
Pitre, Russell wrote:
Hey All-
Finally Finally, Finally, I figured out how to authenticate to Active
Directory...(code below minus the login form).now to go further
Okay, Checked it out, can I use this API to grab the username and
password with a .jsp or servlet off the NT machine.and then pass it
to Tomcat so it then can look up users in Active Directory?
I want security to be container managed.So I need to
1.) Grab the username and password
2
: RE: Active Directory Single Sign-On
Okay, Checked it out, can I use this API to grab the username and
password with a .jsp or servlet off the NT machine.and
then pass it
to Tomcat so it then can look up users in Active Directory?
I want security to be container managed.So I
I am trying to use the JNDI realm to access our Active Directory. The
server.xml entry I have is:
Realm className=org.apache.catalina.realm.JNDIRealm debug=99
connectionURL=ldap://ou=migrated users,ou=nmr,dc=enterprisenet,dc=org
userBase=cn=Users,dc=enterprisenet,dc=org
userSearch
Is Active Directory running on your localhost? Presumably not, so you need
to have ldap://host_name:port_no/ou=...;.
- Original Message -
From: Srofe, Douglas (c) [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, September 08, 2003 7:38 PM
Subject: Tomcat and Active Directory
I
I am trying to use the JNDI realm to access our Active Directory. The
server.xml entry I have is:
Realm className=org.apache.catalina.realm.JNDIRealm debug=99
connectionURL=ldap://ou=migrated
users,ou=nmr,dc=enterprisenet,dc=org
userBase=cn=Users,dc=enterprisenet,dc=org
I am not an expert but can it be, because you haven't specified any
contextFactory?
What kind of ldap are you using?s
What means userSearch=(userPrincipalName={0}) ?
Torsdag 26 juni 2003 22:12 skrev Pitre, Russell:
Server.xml:
Realm
I'm trying to setup my webapp to authenticate to Active Directory. After
searching and googling I still cannot resolve my problem. I've created
a user named tomcatuser and security group called tomcat in the Users
container. I've put my logon in that group tomcat and no success
logging
Also, prior to setting up my webapp to use Active Directory, I had the
webapp successfully authenticating to a JDBC realm.
-Original Message-
From: Pitre, Russell
Sent: Thursday, June 26, 2003 4:05 PM
To: [EMAIL PROTECTED]
Subject: JNDI and Active Directory.
I'm trying to setup
I also referenced this site..
http://www.java-internals.com/code/jndi_realm.html
Thanx again
-Original Message-
From: Pitre, Russell
Sent: Thursday, June 26, 2003 4:10 PM
To: Tomcat Users List
Subject: RE: JNDI and Active Directory.
Also, prior to setting up my
Guys!!
Here is a challenge to be resolved. I need to create users from a
servlet running on Tomcat in AD. After a big fight and having help from
sun forum I could able to write a class which could do the desired task
with SSL.
When I am using that class and methods from a servlet it started
Subject: Re: Question regarding Active Directory/LDAP
i am trying to create a web front end using an ldap api to query and
update
the active directory so that i can pull out information on an user or
create
and update the info on an user in the active directory...
Chris
- Original Message
i know this is kind of off the topic, but i am trying to write to an Active Directory
using jndi in jsp. However, i have no idea how the active directory schema works. i am
just trying to look up users. does anyone have any idea on things such as what the
base DN should be, objectClass, and so
Check with your Active Directory documentation how to make AD accessible
from a LDAP client. Then just access the AD tree as a normal LDAP tree.
Good hunting!
Markus
On torsdag, juni 6, 2002, at 09:17 , Chris Shen wrote:
i know this is kind of off the topic, but i am trying to write
[mailto:[EMAIL PROTECTED]]
Sent: Thursday, June 06, 2002 3:17 AM
To: Tomcat Users List
Subject: Active Directory
i know this is kind of off the topic, but i am trying to write to an Active
Directory using jndi in jsp. However, i have no idea how the active
directory schema works. i am just trying
i am trying to create a web front end using an ldap api to query and update
the active directory so that i can pull out information on an user or create
and update the info on an user in the active directory...
Chris
- Original Message -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent
i know this is not directly related to tomcat. i am trying to write a LDAP
client in jsp to talk to an active directory. however, i am rather
unfamiliar with the directory structure in active directory. i have one set
up on my machine, but i am having trouble looking up attributes
You be in rela trouble here. Active Directory uses a conglomeration of
Kerberos 5 with MS ciphers and LDAP
As for LDAP, I think its straightforward - look up the standard and get one
bit at a time. Perhaps see the SMABA 3.x code and what it does (its a late
beta stuff).
What are you trying
Has anybody successfully used Active Directory as a source for JNDI Realms
in Tomcat 4.0?
If so, I can dump ASP at last...
Rick Lawson
Infrastructure Specialist
Napp Pharmaceutical Holdings
___
CONFIDENTIALITY NOTICE
attempts to bind as the user to authenticate. This mode, to my knowledge
isn't yet supported. It's in the specs though, and I know that they're
planning on implementing it. In Active Directory, the password field isn't
queryable and that's why it won't work. Unless, you store the passwords
redundantly
56 matches
Mail list logo
