How to configure Tomcat 5.5 for authentication against Win2003 Active Directory (LDAP)

What changes are needed to Tomcat's default configuration? At least server.xml somehow needs to be changed with the IP address of the Win2003 server?

+3
4 answers

I do not know if "automatic" login to IE is possible.

But you can use the "classic" login form (Java EE style) and let Tomcat log in to Active Directory using JNDI Realm.

Change the default realm in server.xml or set the realm in your application's context.xml as follows:

<Realm className="org.apache.catalina.realm.JNDIRealm"
       debug="99"
       connectionURL="ldap://your-activedirectory-server:389"
       connectionName="a user with read access to AD (optional if anonymous access is permitted)"
       connectionPassword="password"
       referrals="follow"
       userBase="where to look for users, for instance: DC=mycompany,DC=com"
       userSearch="(sAMAccountName={0})"
       userSubtree="true"
       roleBase="where to look for groups, for instance: DC=mycompany,DC=com"
       roleName="cn"
       roleSearch="(member={0})"
       roleSubtree="true"/>

More information here: Apache Tomcat 5.5 Realm Configuration HOW-TO

And: Active Directory Integration

+2

Configure Tomcat using Active Directory. I have not tried it. Good luck.

0

I want the LDAP username to select the username from the Active Directory; the browser will display the user + pwd dialog when using Firefox, etc.

It's OK if IE shakes hands automatically, but it's not needed.

0

@thanks, the directory log now shows: PartialResultException LDAP error 10. Any ideas how to fix this? - Tom December 11

I saw this error, and it pulled me up. I found that the LDAP server did not return the mail items that I requested

 seen below:-- emailAddress=mail User Property Names Mapping : userId=sAMAccountName,name=cn,emailAddress=displayName 

Found that binding to something that was returned has been processed, i.e. displayName.

0