Realm ldaps

2014-03-27 Thread Bjoern.Becker
Hello,

I would like to change my LDAP JNDIRealm to ldaps.

<Realm className="org.apache.catalina.realm.LockOutRealm">
  <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
         resourceName="UserDatabase"/>
  <Realm className="org.apache.catalina.realm.JNDIRealm"
         connectionName="CN=SVC_TomcatLdapQuery,OU=Service Accounts,OU=Hamburg,OU=SITES,OU=\#KONFIGURATION,DC=,DC=de"
         connectionPassword="5o7tLm-2hei5ciJ2z9H-kCWGO2ZRPiLY"
         connectionURL="ldaps://ads1:636/OU=,OU=SITES,OU=\#KONFIGURATION,DC=,DC=de?sAMAccountName?sub?(objectClass=*)"
         alternateURL="ldaps://ads2:636/OU=,OU=SITES,OU=\#KONFIGURATION,DC=,DC=de?sAMAccountName?sub?(objectClass=*)"
         userSearch="(sAMAccountName={0})"
         userSubtree="true"
         userRoleName="memberOf"
  />
</Realm>

Unfortunately, it's not working yet. I guess I need to disable client cert
verification, but I can't find any option for Realms.

Do you know of such an option?


Best Regards,
Bjoern



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



Re: Realm ldaps

2014-03-27 Thread Leo Donahue
On Thu, Mar 27, 2014 at 8:45 AM, bjoern.bec...@easycash.de wrote:

> Hello,
>
> I would like to change my LDAP JNDIRealm to ldaps.
>
> <Realm className="org.apache.catalina.realm.LockOutRealm">
>   <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
>          resourceName="UserDatabase"/>
>   <Realm className="org.apache.catalina.realm.JNDIRealm"
>          connectionName="CN=SVC_TomcatLdapQuery,OU=Service Accounts,OU=Hamburg,OU=SITES,OU=\#KONFIGURATION,DC=,DC=de"
>

How do you get away with an empty domainComponent?  DC= ?

This doesn't say you can't have an empty name, but why would you?  Just
curious.
http://msdn.microsoft.com/en-us/library/aa366101%28v=vs.85%29.aspx


RE: Realm ldaps

2014-03-27 Thread Bjoern.Becker
> -----Original Message-----
> From: Leo Donahue [mailto:donahu...@gmail.com]
> Sent: Thursday, 27 March 2014 17:54
> To: Tomcat Users List
> Subject: Re: Realm ldaps
>
> On Thu, Mar 27, 2014 at 8:45 AM, bjoern.bec...@easycash.de wrote:
>
> > Hello,
> >
> > I would like to change my LDAP JNDIRealm to ldaps.
> >
> > <Realm className="org.apache.catalina.realm.LockOutRealm">
> >   <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
> >          resourceName="UserDatabase"/>
> >   <Realm className="org.apache.catalina.realm.JNDIRealm"
> >          connectionName="CN=SVC_TomcatLdapQuery,OU=Service Accounts,OU=Hamburg,OU=SITES,OU=\#KONFIGURATION,DC=,DC=de"
> >
>
> How do you get away with an empty domainComponent?  DC= ?

Sorry for the confusion, this seems to be a mistake. In my original config I of
course have DC=DOM,DC=de.

> This doesn't say you can't have an empty name, but why would you?  Just
> curious.
> http://msdn.microsoft.com/en-us/library/aa366101%28v=vs.85%29.aspx




Re: Realm ldaps

2014-03-27 Thread Leo Donahue
On Thu, Mar 27, 2014 at 10:20 AM, bjoern.bec...@easycash.de wrote:

> > -----Original Message-----
> > From: Leo Donahue [mailto:donahu...@gmail.com]
> > Sent: Thursday, 27 March 2014 17:54
> > To: Tomcat Users List
> > Subject: Re: Realm ldaps
> >
> > On Thu, Mar 27, 2014 at 8:45 AM, bjoern.bec...@easycash.de wrote:
> >
> > > Hello,
> > >
> > > I would like to change my LDAP JNDIRealm to ldaps.
> > >
> > > <Realm className="org.apache.catalina.realm.LockOutRealm">
> > >   <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
> > >          resourceName="UserDatabase"/>
> > >   <Realm className="org.apache.catalina.realm.JNDIRealm"
> > >          connectionName="CN=SVC_TomcatLdapQuery,OU=Service Accounts,OU=Hamburg,OU=SITES,OU=\#KONFIGURATION,DC=,DC=de"
> > >
> >
> > How do you get away with an empty domainComponent?  DC= ?
>
> Sorry for the confusion, this seems to be a mistake. In my original config I of
> course have DC=DOM,DC=de.

Does fixing that solve the issue?  Does Tomcat start with this
configuration?  Anything in the logs?