How to configure Tomcat 5.5 to authenticate against Win2003 Active Directory (LDAP)

What changes are needed to the default Tomcat configuration? At least server.xml needs to be changed somehow to have the IP of the Win2003 server?

A: 

Configuring Tomcat With Active Directory. Have not tried it. Good luck.

Igal Serban
A: 

I want LDAP login that picks the user name from Active Directory; the browser will display the user+pwd dialog when you are using Firefox etc.

It's OK if IE handshakes automatically, but it's not necessary.

Tom
+1  A: 

I don't know if "automatic" login with IE is possible.

But you can use a "classic" login form (JEE style) and let Tomcat perform the login against Active Directory using a JNDI Realm.

Change the default realm in your server.xml, or set the realm in your application's context.xml, like this:

    <Realm
     className="org.apache.catalina.realm.JNDIRealm"
     debug="99"
     connectionURL="ldap://your-activedirectory-server:389"
     connectionName="a user with read access to AD (optional if anonymous access is permitted)"
     connectionPassword="password"
     referrals="follow"
     userBase="where to look for users, for instance: DC=mycompany,DC=com"
     userSearch="(sAMAccountName={0})"
     userSubtree="true"
     roleBase="where to look for groups, for instance: DC=mycompany,DC=com"
     roleName="cn"
     roleSearch="(member={0})"
     roleSubtree="true"/>

More information here: Apache Tomcat 5.5 Realm Configuration HOW-TO

And: Active Directory Integration

Jerome Delattre
Thanks, catalina log shows now: PartialResultException LDAP error 10. Any ideas how to fix it?
Tom
No ideas, I just know how to perform a basic configuration, good luck.
Jerome Delattre
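
An added example, not part of the answers above and not Tomcat's own code: a small Python check that reads a JNDIRealm element like the one posted and reports the settings worth reviewing before it is used against Active Directory. The host name, service account DN and finding codes are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Constructed sample: the Realm from the answer with its placeholders filled in.
SAMPLE_REALM = """
<Realm className="org.apache.catalina.realm.JNDIRealm"
       connectionURL="ldap://ad.example.test:389"
       connectionName="CN=svc-tomcat,OU=Service,DC=mycompany,DC=com"
       connectionPassword="password"
       referrals="follow"
       userBase="DC=mycompany,DC=com"
       userSearch="(sAMAccountName={0})"
       userSubtree="true"
       roleBase="DC=mycompany,DC=com"
       roleName="cn"
       roleSearch="(member={0})"
       roleSubtree="true"/>
"""

def is_domain_root(dn):
    """True when every RDN of the base DN is a DC= component."""
    rdns = [p.strip().upper() for p in dn.split(",") if p.strip()]
    return bool(rdns) and all(r.startswith("DC=") for r in rdns)

def audit_realm(xml_text):
    """Return a list of (code, message) findings for one JNDIRealm element."""
    realm = ET.fromstring(xml_text)
    findings = []
    url = urlparse(realm.get("connectionURL", ""))
    if url.scheme != "ldaps":
        # A simple bind over plain LDAP carries the password unencrypted.
        findings.append(("PLAINTEXT_LDAP", "connectionURL is not ldaps://; the "
                         "service and user passwords cross the network in clear"))
    if not realm.get("connectionName"):
        findings.append(("ANONYMOUS_SEARCH", "no connectionName: user and role "
                         "searches depend on anonymous read access"))
    if realm.get("connectionPassword"):
        findings.append(("PASSWORD_IN_FILE", "connectionPassword is stored in "
                         "clear text; restrict read access to this file"))
    for base, subtree in (("userBase", "userSubtree"), ("roleBase", "roleSubtree")):
        # A subtree search from the domain root matches entries anywhere in the domain.
        if realm.get(subtree) == "true" and is_domain_root(realm.get(base, "")):
            findings.append(("DOMAIN_ROOT_" + base.upper(), "%s is the domain "
                             "root with subtree search; narrow it to an OU" % base))
    return findings

if __name__ == "__main__":
    for code, message in audit_realm(SAMPLE_REALM):
        print(code + ": " + message)
```
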