On Tue, 8 Jun 2010 10:16:01 -0700, Leo Donahue - PLANDEVX <leodona...@mail.maricopa.gov> wrote: >> -----Original Message----- >> From: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com] >> Sent: Tuesday, June 08, 2010 9:12 AM >> To: Tomcat Users List >> Subject: RE: Allowing only specific users LDAP access >> >>> I am trying to allow only specific users access. > >> If you can't use Chris' suggestion and you're on a current version of >> Tomcat, you can combine your existing <Realm> with an additional >> authenticator, possibly > using a file where you specify the subset of >> users you're willing to allow in. > >> http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html#CombinedRealm > >> - Chuck > > > Does Tomcat allow you to specify separate userBase's? Or can you only > have one per Realm? You can only have on userBase, userSearch, ... per realm. But you could use the CombinedRealm as hinted by Chuck to use multiple userBases.
Bye Felix > > userBase="CN=User1,OU=somegroup,DC=yourdomain,DC=com" > userSearch="(&(objectCategory=person)(sAMAccountName={0}))" > userSubtree="true" > userRoleName="memberOf" > > userBase="CN=User2,OU=somegroup,DC=yourdomain,DC=com" > userSearch="(&(objectCategory=person)(sAMAccountName={0}))" > userSubtree="true" > userRoleName="memberOf" > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org