LDAP/Realm with TLS in Tomcat 6/7?
Dear all, is there a lib/method/whatever to achieve Realm Auth in Tomcat 5.x where username/password are protected by TLS? org.apache.catalina.realm.JNDIRealm works with Tomcat 5, but not in 6 :-( best regards Jens www.biotronik.com BIOTRONIK - Celebrating 50 years of excellence Founded in 1963 with the development of the first German pacemaker, BIOTRONIK has brought innovations and the highest quality standards to the cardiac rhythm management and vascular intervention fields in more than 100 countries around the world. We’ve developed advanced technologies such as BIOTRONIK Home Monitoring®, Closed Loop Stimulation (CLS) and Orsiro, the industry's first hybrid drug eluting stent. BIOTRONIK also offers the broadest portfolio of cardiac devices with ProMRI®, an advanced technology that gives patients access to magnetic resonance (MR) scanning. BIOTRONIK SE Co. KG Woermannkehre 1, 12359 Berlin, Germany Sitz der Gesellschaft: Berlin, Registergericht: Berlin HRA 6501 Vertreten durch ihre Komplementärin: BIOTRONIK MT SE Sitz der Gesellschaft: Berlin, Registergericht: Berlin HRB 118866 B Geschäftsführende Direktoren: Christoph Böhmer, Dr. Lothar Krings This e-mail and the information it contains including attachments are confidential and meant only for use by the intended recipient(s); disclosure or copying is strictly prohibited. If you are not addressed, but in the possession of this e-mail, please notify the sender immediately and delete the document.
Re: LDAP/Realm with TLS in Tomcat 6/7?
Jens, On 6.8.2013 12:44, Jens Neu wrote: is there a lib/method/whatever to achieve Realm Auth in Tomcat 5.x where username/password are protected by TLS? I never tried it myself, but you might find these links useful: https://wiki.apache.org/tomcat/JNDI_startTLs_HowTo https://issues.apache.org/bugzilla/show_bug.cgi?id=49785 https://www.mail-archive.com/users@tomcat.apache.org/msg80660.html org.apache.catalina.realm.JNDIRealm works with Tomcat 5, but not in 6 :-( JNDIRealm should work just fine in any supported Tomcat version. If you have any problems with it, please report it here. BTW, if you are already upgrading, you may consider to upgrade directly to latest Tomcat 7, to save yourself from doing two upgrades. -Ognjen - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: LDAP/Realm with TLS in Tomcat 6/7?
you will need to supply any security credentials to that layer and inform the connector you are using protocol=TLS and match each attribute to attribute from the supplied key package (.pfx/.p7b) http://tomcat.apache.org/tomcat-4.1-doc/ssl-howto.html HTH, Martin __ Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen. Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l'information seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant donné que les email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité pour le contenu fourni. Date: Tue, 6 Aug 2013 13:36:41 +0200 From: ognjen.d.blagoje...@gmail.com To: users@tomcat.apache.org Subject: Re: LDAP/Realm with TLS in Tomcat 6/7? Jens, On 6.8.2013 12:44, Jens Neu wrote: is there a lib/method/whatever to achieve Realm Auth in Tomcat 5.x where username/password are protected by TLS? I never tried it myself, but you might find these links useful: https://wiki.apache.org/tomcat/JNDI_startTLs_HowTo https://issues.apache.org/bugzilla/show_bug.cgi?id=49785 https://www.mail-archive.com/users@tomcat.apache.org/msg80660.html org.apache.catalina.realm.JNDIRealm works with Tomcat 5, but not in 6 :-( JNDIRealm should work just fine in any supported Tomcat version. If you have any problems with it, please report it here. BTW, if you are already upgrading, you may consider to upgrade directly to latest Tomcat 7, to save yourself from doing two upgrades. -Ognjen - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: LDAP/Realm with TLS in Tomcat 6/7?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Jens, Please ignore Martin's response, because: a) It incorrectly identifies the issue (Connector versus Realm) b) Gives you a link to outdated documentation (3 versions older) - -chris On 8/6/13 8:21 AM, Martin Gainty wrote: you will need to supply any security credentials to that layer and inform the connector you are using protocol=TLS and match each attribute to attribute from the supplied key package (.pfx/.p7b) http://tomcat.apache.org/tomcat-4.1-doc/ssl-howto.html HTH, Martin __ Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen. Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l'information seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant donné que les email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité pour le contenu fourni. Date: Tue, 6 Aug 2013 13:36:41 +0200 From: ognjen.d.blagoje...@gmail.com To: users@tomcat.apache.org Subject: Re: LDAP/Realm with TLS in Tomcat 6/7? Jens, On 6.8.2013 12:44, Jens Neu wrote: is there a lib/method/whatever to achieve Realm Auth in Tomcat 5.x where username/password are protected by TLS? I never tried it myself, but you might find these links useful: https://wiki.apache.org/tomcat/JNDI_startTLs_HowTo https://issues.apache.org/bugzilla/show_bug.cgi?id=49785 https://www.mail-archive.com/users@tomcat.apache.org/msg80660.html org.apache.catalina.realm.JNDIRealm works with Tomcat 5, but not in 6 :-( JNDIRealm should work just fine in any supported Tomcat version. If you have any problems with it, please report it here. BTW, if you are already upgrading, you may consider to upgrade directly to latest Tomcat 7, to save yourself from doing two upgrades. -Ognjen - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJSAQUAAAoJEBzwKT+lPKRYb/AQAKCewt4vbjJy+VwB2cMv5lWo 7XckXggeq/G4H8x4JgJ1ylTqYUwZaHa3AtClucjyfuORbW1SYioW5SJIvDiSC80k zXbeEpcBPRMHrofCYCwONYNH/bnIy+Z1Q7xL6JMjoiDrRSjADBSr/v8BJUF1Frnj SIxo6PfyWFrTVmHdZz9IWDrYy14k88a1jPl6Jo42xnq18oV5CnHbCVKBx4tEpDF2 lOmPgxjmmNbJ+IJjUJfWpTGm1KIuKl4W56reMTYrmgOolG7CCAbbxkV3SGSB+HRI xoI2TzMvrzDjMnNPdZoOoMhH594zVqsAtTKiUnPoWWoIYMKMw+hZJEy2aGVudhhe EC3q3+riwq36oGcrmWLfXlfKTt7hgoYhSxhV/ZEOWU2W73nj6pZjY89NZqhZvC+S cdzKuFxYf5kMk7P2IqaNLyfpw9a0unZ9UxHEnPy1NHetPL/BMp8h39xJdtSyZw// DTFSrfinua1rNvXbLplenmVGlk6eQYu/Ps63cpVOFy14xjcq2a1mThnYNWhp+Mbb kszeIxs1+vVDpH49b9kcZZYjuWrLbB3/0dBxiVnN99Yr2rq8lFUFZQ0b140jZ6AY LDPy3R4eyQR8/x68LrMXPRpiTomCQalsKeoN6HlFgZzPyzf6zU0WaNEWytQp1ksD YoLHmw6IFCtof0hTUxkZ =Ws3u -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org