Hi, i've got a Microsoft IIS 6.0 Webservice. Behind the IIS is an Apache Tomcat 5.5.26 (connected via ISAPI and AJP/1.3) protocoll.
In the IIS "Integrated Windows Authentication" is enabled. On server.xml tomcatauthentication is set to false. Also o've configured a JNDI REALM: <Realm className="org.apache.catalina.realm.JNDIRealm" debug="99" connectionURL="ldap://********:389/" connectionName="*************" connectionPassword="*********" userBase="OU=******,OU=********,OU=******,DC=******,DC=********" userSearch="(sAMAccountName={0})" userSubtree="true" userRoleName="memberOf" roleBase="OU=******,OU=******,OU=******,OU=******,OU=*********,DC=*****, DC=*****" roleName="name" roleSubtree="true" roleSearch="(cn={0})" /> in the web.xml of Tomcat (/conf/web.xml) i've configured an security-constraint: <security-constraint> <web-resource-collection> <web-resource-name>Test</web-resource-name> <url-pattern>/*</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> <http-method>PUT</http-method> <http-method>DELETE</http-method> </web-resource-collection> <auth-constraint> <role-name>some_ad_role_name</role-name> </auth-constraint> </security-constraint> <security-role> <description>Only 'tomcat' role is allowed to access this web application</description> <role-name>some_ad_role_name</role-name> </security-role> Now, i'ld like to realize, that Tomcat give access only to users, which are in one Active Directory Group detected on IIS. Can anybody help me? Thanks in advice --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org