On 15 March 2012 17:01, Pid * <p...@pidster.com> wrote:
> On 15 Mar 2012, at 16:23, Neil Munro <neilmu...@gmail.com> wrote:
>
>> Hi all,
>> I am trying to implement a means to authenticate a user on a
>> web app via LDAP. I have been trying for some time and am now
>> intimately familiar with the files I need to edit, but not exactly
>> how.
>>
>> I know that much of the LDAP stuff goes into the server.xml file
>> inside of the Tomcat conf directory; it is here I have been trying to
>> configure an LDAP realm.
>
> OK. Can you post that bit of config, inline in your reply? Passwords
> etc. redacted if necessary.

Sure, here you are:
                <!--Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"
                        connectionName="uid={0},ou=my company users,dc=mycompany,dc=com "
                        connectionPassword="userPassword"
                        connectionURL="ldap://my.ldap.server.com"
                        alternateURL="ldap://my.ldap.server.com"
                        roleBase="ou=my company users,dc=mycompany,dc=com"
                        roleName="cn"
                        roleSearch="(uniqueMember={0})"
                        roleSubtree="false"
                        userSearch="(uid={0})"
                        userPassword="userPassword"
                        userPattern="uid={0},ou=my company users,dc=mycompany,dc=com"
                /-->
                <Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"
                                connectionURL="ldap://my.ldap.server.com"
                                alternateURL="ldap://my.ldap.server.com"
                                userPattern="uid={0},ou=my company users,dc=mycompany,dc=com" />

>
>> I have attached the files I have been working
>> with. The basic idea is that a user must first log on before they can
>> access any area of the site; also, all users can log in and access all
>> areas of the site.
>
> Can you explain how you are configuring the auth, please? Are you
> using the container FORM authentication, for example?
>
> If so, can you post that bit of config inline in your reply?

Yes, I am using, or rather trying to use, an HTML form to get the
information to pass to LDAP to authenticate.

        <!--  uses form-based authentication -->
        <login-config>
                <auth-method>FORM</auth-method>
                <form-login-config>
                        <form-login-page>/login.jsp</form-login-page>
                        <form-error-page>/fail_login.jsp</form-error-page>
                </form-login-config>
        </login-config>

Thanks,
Neil

>
> p
>
>
>> A user is presented with the login page, and if they cannot be
>> authenticated they are alerted and are given the option to redirect
>> back to the login page. Which I have working, though I think that's
>> simply because I cannot get the logging in bit to work.
>>
>> I do not have access to the LDAP server or schema and cannot implement
>> changes to that; I can however alter the Tomcat server, JSP files etc.
>> I am trying to write a company-wide web app, and have free rein, but
>> it's historically been written in JSP so we want to keep as much of
>> that as we can.
>>
>> Software and versions: Tomcat 6.0.35, Java 1.4 through to 1.7 (I am
>> required to have all installed) and Windows 7 64.
>>
>> Any help would be fantastic as I have read lots of resources but
>> there's no definitive tutorial to set such a thing up.
>>
>> Thanks,
>> Neil Munro
>> <files.zip>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>> For additional commands, e-mail: users-h...@tomcat.apache.org
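
Added example (not part of the original messages, and not configuration from the Tomcat project): one way to express "every user must log in, and any authenticated user may see everything" using the FORM login-config and the bind-mode JNDIRealm quoted above. The host name and userPattern are the poster's own values; the resource name, the ldaps:// URL on port 636 and the use of allRolesMode="authOnly" are assumptions.

```xml
<!-- WEB-INF/web.xml: protect every URL so the container sends
     unauthenticated requests to the login form -->
<security-constraint>
        <web-resource-collection>
                <!-- constructed label, any name will do -->
                <web-resource-name>Whole application</web-resource-name>
                <url-pattern>/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
                <!-- "*" combined with allRolesMode="authOnly" on the Realm:
                     any authenticated user is allowed, no LDAP role lookup.
                     This example declares no <security-role> elements. -->
                <role-name>*</role-name>
        </auth-constraint>
</security-constraint>
<login-config>
        <auth-method>FORM</auth-method>
        <form-login-config>
                <form-login-page>/login.jsp</form-login-page>
                <form-error-page>/fail_login.jsp</form-error-page>
        </form-login-config>
</login-config>
<!-- login.jsp has to POST the fields j_username and j_password
     to the action j_security_check -->

<!-- conf/server.xml: the realm authenticates by binding to the directory
     as the DN built from userPattern.
     Weak setting:     connectionURL="ldap://my.ldap.server.com"
                       (the user's password crosses the network in clear text)
     Assumed stronger: ldaps:// on port 636, which requires that the
                       directory offers TLS there and that the JVM running
                       Tomcat trusts its certificate -->
<Realm className="org.apache.catalina.realm.JNDIRealm"
       connectionURL="ldaps://my.ldap.server.com:636"
       userPattern="uid={0},ou=my company users,dc=mycompany,dc=com"
       allRolesMode="authOnly" />
```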