Hey All-
Finally Finally, Finally, I figured out how to authenticate to Active Directory.......(code below minus the login form).....now to go further, I would like to implement Single Sign-On.....somehow we would need to retrieve the user's name and password off their NT machine and use them to automatically post the form......does anyone have any suggestions? Also, I was able to see in the log that it enumerates the groups of the user, but It didn't find the "Domain Users" group.........hmmmm.....anyone know why? I see the security group in AD Comp & Users...... <SERVER.XML> <Context> ......stuff ......stuff .....stuff <Realm className="org.apache.catalina.realm.JNDIRealm" debug="99" connectionURL="ldap://[Domain Controller]:389" userBase="OU=Users,OU=Shawmut,DC=[Domain],DC=com" userSearch="(sAMAccountName={0})" userRoleName="member" roleBase="OU=Users,OU=Shawmut,DC=[Domain],DC=com" roleName="memberOf" roleSearch="(memberOf=CN=tomcat,CN=Users,DC=[Domain],DC=com)" connectionName="CN=Administrator,CN=Users,DC=[Domain],DC=com" connectionPassword="[password]" roleSubtree="true" userSubtree="true"/> </Context> <WEB.XML> <security-constraint> <display-name>Show Tracker Security Constraint</display-name> <web-resource-collection> <web-resource-name>Protected Area</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>CN=Alloffice,OU=SDC,OU=Email Distribution Lists,OU=Groups,OU=Shawmut,DC=[Domain],DC=com</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>FORM</auth-method> <realm-name>Show Tracker Authentication Area</realm-name> <form-login-config> <form-login-page>/login.jsp</form-login-page> <form-error-page>/error.jsp</form-error-page> </form-login-config> </login-config>