I want to setup "windows authentication" in my tomcat 7.0.37
I read the user guide
http://tomcat.apache.org/tomcat-7.0-doc/windows-auth-howto.html and I
follow all the step in Domain Controller and Tomcat Instance
Then I write the $CATALINA_BASE\webapps\myappl\WEB-INF\web.xml
and the $CATALINA_BASE\webapps\myappl\META-INF\context.xml
as below
The question is:
How can I remove connectionName and connectionPassword from the
context.xml file?
Without the 2 element authentication doesn't work but in a production
environment I cannot put password in clear text
---------------- 1st file web.xml -----------------
<web-app>
<display-name>Test Appl</display-name>
<description>Written by Bob</description>
<security-constraint>
<display-name>Bob Appl Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Private Zone</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>role1</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>SPNEGO</auth-method>
</login-config>
<security-role>
<role-name>role1</role-name>
<role-name>role2</role-name>
<role-name>role3</role-name>
</security-role>
</web-app>
---------------- 2nd file context.xml -----------------
<Context>
<Realm className="org.apache.catalina.realm.JNDIRealm"
adCompat="true"
allRolesMode="authOnly"
referrals="follow"
connectionURL="ldap://dc01.mydom.local:389";
connectionName="mydom\tcuser"
connectionPassword="Pa55w0rd"
userBase="dc=mydom,dc=local"
userSubtree="true"
userSearch="(sAMAccountName={0})"
roleBase="ou=groups,ou=myappl,dc=mydom,dc=local"
roleName="cn"
roleSearch="(member={0})"
roleSubtree="true"
/>
</Context>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
