-----Original Message----- From: André Warnier (tomcat) [mailto:a...@ice-sa.com] Sent: 27 March 2017 11:12 To: users@tomcat.apache.org Subject: Re: LDAP authentication for Tomcat's webapp 'Opengrok'
On 27.03.2017 11:01, Alfie Patolilic wrote: > Tomcat Version : 6.0.36 > OS : Red Hat Enterprise Linux 7.3 > > Hello, > > I have a question on how I am able to set the following, regarding the web > application that runs under Apache Tomcat, 'Opengrok'. The idea is to set a > hostname for 'localhost:8080/grok', so when users try and access the page via > the hostname, they are prompted for authentication of their username and > password. > I have currently configured the server.xml to connect to LDAP. I have added > below the configuration on my server.xml. I am unsure as to where to go from > here, how I will be able to link the hostname. I have changed some values in > the information given for security purposes. > > <!-- Adding the following for OpenGrok --> > <Realm className="org.apache.catalina.realm.LockOutRealm"> > <Realm className="org.apache.catalina.realm.UserDatabaseRealm" > resourceName="UserDatabase"/> > <Realm className="org.apache.catalina.realm.JNDIRealm" debug="99" > connectionURL="ldap://<host> " > connectionName="ldap@company " > connectionPassword="password" > referrals="follow" > userBase="DC=<company>" > userSearch="(sAMAccountName={0})" > userSubtree="true" > roleBase="DC=<company>" > roleName="cn" > roleSubtree="true" > roleSearch="(member={0})" > allRolesMode="strictAuthOnly" > /> > </Realm> > > I have checked the web for blogs and asked other tomcat groups but was not > able to get any answers. > > I am aware that the version of Apache Tomcat I am using is outdated and has > reached its end of life. Though necessary, I cannot update to a newer version > of the application due to some issues. > > Hi. > > I believe that you are confused about 2 separate topics : "hostnames" and > "web application > security". > It is the web application which is "protected" by a userid/password login > requirement, not > the hostname. > This page of the on-line tomcat 6 documentation provides some hints : > http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html > In the "Quick Start" section, you will see that in order to "force" someone > to > authenticate in order to use the application, you need to specify some things > in the > web.xml of the application. > And in the "Example Application" section, it points to an example application > that has > these things. > Maybe you can start from there ? > > And for the "host name" part, see this section : > http://tomcat.apache.org/tomcat-6.0-doc/virtual-hosting-howto.html > But that is a different issue. > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org Hi André, Thank you for the reply, I apologize for the unclear question, It is just one host instance. I meant that currently, I can access opengrok via localhost:8080/grok . I am planning on configuring a hostname called 'grok.company.com' which redirects to localhost:8080/grok. When they access grok using grok.company.com, they will be prompted with a userid and password using LDAP. I have configured the Realm element as stated on the previous message. Thank you, Alfie --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org