Hello,
I am trying to implement authentication for the Tomcat Manager application
against Active Directory.
Unfortunately I don't understand the role concept. I would like to give users
permission to open the Manager when they're in this group:
> memberOf: CN=Tomcat Admins,OU=Roles,OU=Spezielle Gruppen,OU=SITES,OU=\#KONFIGURATION,DC=DOM,DC=de
server.xml:
<Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"
       connectionName="CN=SVC,OU=Service Accounts,OU=SITES,OU=\#KONFIGURATION,DC=DOM,DC=de"
       connectionPassword="_2VK!WHzybn1SJ8P"
       connectionURL="ldap://server:389/OU=SITES,OU=\#KONFIGURATION,DC=DOM,DC=de?sAMAccountName?sub?(objectClass=*)"
       userSearch="(sAMAccountName={0})"
       userSubtree="true"
       roleSearch="(memberof={0})"
       roleSubtree="true"
       userRoleName="CN=Tomcat Admins,OU=Roles,OU=Spezielle Gruppen,OU=SITES,OU=\#KONFIGURATION,DC=DOM,DC=de "
/>
<!-- roleBase="DC=DOM,DC=de"
roleName="cn"
-->
With this configuration I can open the Manager, but get no permissions.
Even if the user-role relationship is found, I don't understand how I can
assign Tomcat roles (e.g. manager-gui) to the user.
Thanks!
Best Regards,
Bjoern
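
An added example, not part of the original post and not the Tomcat project's own configuration: a JNDIRealm that resolves Active Directory groups by searching group entries with the roleBase/roleName attributes the post had commented out, shown next to the role name the Manager application checks. It assumes the domain controller offers LDAPS on port 636 and that the group's cn ("Tomcat Admins") is the role name Tomcat ends up with; the connectionPassword value is a placeholder, and the web.xml fragment shows only the shape of the constraint, to be compared against the file shipped with the installed Tomcat version.

```xml
<!-- conf/server.xml (added example, assumptions as stated above).
     userSearch locates the user entry below userBase and Tomcat binds as
     that user to verify the password. roleSearch then looks for group
     entries below roleBase whose "member" attribute holds the user's DN
     ({0} in roleSearch is the DN, {1} the login name). roleName="cn" makes
     the group's cn, here "Tomcat Admins", the Tomcat role name.
     ldaps:// keeps the service account's and the users' bind passwords
     off the wire in clear text. -->
<Realm className="org.apache.catalina.realm.JNDIRealm"
       connectionURL="ldaps://server:636"
       connectionName="CN=SVC,OU=Service Accounts,OU=SITES,OU=\#KONFIGURATION,DC=DOM,DC=de"
       connectionPassword="REPLACE_WITH_SERVICE_ACCOUNT_PASSWORD"

       userBase="OU=SITES,OU=\#KONFIGURATION,DC=DOM,DC=de"
       userSearch="(sAMAccountName={0})"
       userSubtree="true"

       roleBase="OU=Roles,OU=Spezielle Gruppen,OU=SITES,OU=\#KONFIGURATION,DC=DOM,DC=de"
       roleSearch="(member={0})"
       roleName="cn"
       roleSubtree="true" />

<!-- webapps/manager/WEB-INF/web.xml (fragment).
     The Manager authorizes by role name only, so the name the realm
     returns has to appear here. Either put the AD group name where the
     shipped file says manager-gui, as below, or leave web.xml untouched
     and use an AD group whose cn is literally manager-gui.
     Map only the roles the group needs (GUI access here). -->
<security-constraint>
  <web-resource-collection>
    <web-resource-name>HTML Manager interface</web-resource-name>
    <url-pattern>/html/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
    <role-name>Tomcat Admins</role-name>
  </auth-constraint>
</security-constraint>

<security-role>
  <role-name>Tomcat Admins</role-name>
</security-role>
```

The service account in connectionName only needs read access to the user and group subtrees it searches.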