Josh, You also need to put something similar to the following in your web.xml file. i.e. the stuff you put in server.xml, just tells Tomcat where to authenticate. The stuff in web.xml, tells Tomcat what resources are protected and what roles are required in order to access a particular resource. I have this in my conf/web.xml and as far as I can tell, it makes it so that it prompts for a password for any resource that is located on the server. If it's just a servlet that you are protecting, I think you should be able to put this in the web.xml file for that context. The Servlet 2.3 spec defines the format of the web.xml file. You can find it at http://java.sun.com under the Servlets section.
<security-constraint> <web-resource-collection> <web-resource-name>myresource</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>myrole</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>myrealm</realm-name> </login-config> Jon ----- Original Message ----- From: "Josh Fenlason" <[EMAIL PROTECTED]> To: "Tomcat" <[EMAIL PROTECTED]> Sent: Wednesday, June 12, 2002 1:18 PM Subject: JNDIRealm authentication > I'm trying to do LDAP authentication with Tomcat 4.1.3. I've read through > the how to docs on Tomcat's site, > http://jakarta.apache.org/tomcat/tomcat-4.1-doc/realm-howto.html#JNDIRealm, > and tried to follow the example. My site loads fine, but I never get an > authentication prompt when I enter my site. If anyone could sees anything > wrong with my <Realm/> or has any ideas of where else I should need to > change things, I would greatly appreciate it. Thanks. > , > Josh. > > Here's what I entered for the Realm element in > <tomcat4.1.3_home>/conf/server.xml > > <Realm className="org.apache.catalina.realm.JNDIRealm" > connectionName="ou=People,ou=jfenlason_r62DC,ou=jfenlason,l=Arden > Hills,o=Bethel" > connectionPassword="secret" > connectionURL="ldap://corvette.mn.ptc.com:389"; > roleName="oid" > roleSearch="(uniqueMember={0})" > userPassword="userPassword" > userPattern="oid={0},ou=People,ou=jfenlason_r62DC,ou=jfenlason,l=Arden > Hills,o=Bethel" > debug="99"/> > > Here's the AuthLDAPURL that works with Apache1 doing the authentication > ldap://corvette.mn.ptc.com:389/ou=People,ou=jfenlason_r62DC,ou=jfenlason,l=A > rden Hills,o=Bethel" > > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
