<Realm className="org.apache.catalina.realm.JNDIRealm"
       debug="99"
       connectionURL="ldap://need.morecowbell.com:389"
       userBase="dc=more,dc=morecowbell,dc=com"
       userSearch="(userPrincipalName={0})"
       userRoleName="member"
       roleBase="dc=more,dc=morecowbell,dc=com"
       roleName="cn"
       roleSearch="(member={0})"
       connectionName="cn=A_USER,cn=Users,dc=more,dc=morecowbell,dc=com"
       connectionPassword="prescription"
       roleSubtree="true"
       userSubtree="true" />
To connect to Active Directory, you need a special user connection. That's why connectionName="cn=A_USER,cn=Users,dc=more,dc=morecowbell,dc=com" is used.
I hope you have better luck than I had.
-Tim
Dan Payne wrote:
I'm looking for some assistance in setting up single sign-on with our Windows 2000 intranet and Tomcat using Windows Active Directory and a Tomcat JNDIRealm and LDAP. What I'm essentially looking for is HttpServletRequest.getRemoteUser() to return the username used to authenticate to the Windows network (Active Directory).
My last post was rather vague and elicited no responses. I've done some more research and this seems to be the way to go but it would be nice if anyone who's already done it could relate their experiences or perhaps point me in the right direction to some resources covering this issue.
Thanks again,
Dan
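Added example, not part of the original messages and not Tomcat's own code: it parses the Realm element from the reply, builds the two search filters the realm would issue (in JNDIRealm, {0} in userSearch is the login name and {0} in roleSearch is the authenticated user's DN), and lists the transport and credential settings worth reviewing. The sample user and the RFC 4515 escaping helper are assumptions of this example.

```python
import xml.etree.ElementTree as ET

# Realm element from the message above, attribute values unchanged.
REALM_XML = """<Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"
  connectionURL="ldap://need.morecowbell.com:389"
  userBase="dc=more,dc=morecowbell,dc=com" userSearch="(userPrincipalName={0})"
  userRoleName="member" roleBase="dc=more,dc=morecowbell,dc=com" roleName="cn"
  roleSearch="(member={0})"
  connectionName="cn=A_USER,cn=Users,dc=more,dc=morecowbell,dc=com"
  connectionPassword="prescription" roleSubtree="true" userSubtree="true" />"""

def escape_filter_value(value):
    """Escape a value for use inside an LDAP search filter (RFC 4515)."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def expand(template, value):
    """Fill the {0} placeholder of a userSearch or roleSearch template."""
    return template.replace("{0}", escape_filter_value(value))

def search_filters(realm, username, user_dn):
    """Filters for the two lookups: find the user, then find the user's groups."""
    return (expand(realm.get("userSearch"), username),
            expand(realm.get("roleSearch"), user_dn))

def review(realm):
    """Settings in the Realm element worth a second look before deployment."""
    findings = []
    if realm.get("connectionURL", "").lower().startswith("ldap://"):
        findings.append("ldap:// without TLS: simple-bind credentials cross the network in clear text")
    if realm.get("connectionPassword"):
        findings.append("connectionPassword stored in clear text: restrict read access to the config file")
    return findings

realm = ET.fromstring(REALM_XML)

if __name__ == "__main__":
    # Constructed sample user; the DN contains characters that need escaping.
    upn = "dan@more.morecowbell.com"
    dn = "cn=Payne (IT),cn=Users,dc=more,dc=morecowbell,dc=com"
    for f in search_filters(realm, upn, dn):
        print(f)
    for finding in review(realm):
        print("review:", finding)
```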