clearapachetomcat
apachetomcat 时间:2021-01-11 阅读:()
ConfigureApacheTomcatwithOpenDJasanIdentityStoreApacheTomcatcandocontainermanagedsecurity,whereTomcatconnectstoanidentitydatastoreforuserauthentication.
TheApacheTomcatRealmexplainsgenerallyhowtosetthisup.
ConfigurationHOW-TOThisarticledemonstrateshowtosetupTomcat7touseOpenDJwithaJNDIRealmforavirtualhost.
ThebasicsetupsidestepssomeofthecomplexitybyusingasingleOpenDJserver,thoughtheJNDIRealmletsyousetbothconnectionURLsandalternateURLstoallowforfailover.
ThebasicsetupalsodoesnotcoversecuringtheconnectionfromTomcattoOpenDJ.
IfyoudeployOpenDJasanidentitystoreforTomcatinproduction,thenTomcatshouldconnecttoOpenDJusingStartTLSorLDAPStoavoidsendingpasswordsincleartextwhenusersauthenticate.
UsersandRolesinOpenDJInordertohavesometestusers,youcanimportintoadc=example,dc=comsuffixinOpenDJatinstallationtime.
(SeetheExample.
ldifOpenDJInstallationforhelpinstallingthelatestnightlybuildofOpenDJ.
)Hereisasearchonafamousexampleuser:Guide$/path/to/OpenDJ/bin/ldapsearch-p1389-bdc=example,dc=comuid=bjensencnuidmaildn:uid=bjensen,ou=People,dc=example,dc=comuid:bjensencn:BarbaraJensencn:BabsJensenmail:bjensen@example.
comRolesinApacheTomcatmaptogroupsinOpenDJ.
Therefore,defineacoupleofgroupstousewithTomcat.
dn:cn=tomcat,ou=Groups,dc=example,dc=comobjectClass:groupOfUniqueNamesobjectClass:topdescription:Anentryforthe"tomcat"rolecn:tomcatuniqueMember:uid=kvaughan,ou=People,dc=example,dc=comuniqueMember:uid=bjensen,ou=People,dc=example,dc=comdn:cn=role1,ou=Groups,dc=example,dc=comobjectClass:groupOfUniqueNamesobjectClass:topdescription:Anentryforthe"role1"Tomcatrolecn:role1uniqueMember:uid=kvaughan,ou=People,dc=example,dc=comTomcatConfigurationFortheTomcatrealmconfiguration,thefollowingdefinitionconnectstoOpenDJonthelocalhost,port1389(thedefaultLDAPportwhennotrunningasrootonLinuxorUNIX),andletsusersloginby(forexample,BabsJensenlogsinas).
uidbjensenGroupmembershipcomeseitherfromOpenDJgrouplookup,orfromtheattributeontheuserentry.
isMemberOfAddthedefinitionto,forexampleinsidetheelement.
/path/to/tomcat/conf/server.
xmlMakesureOpenDJisrunning,andthenrestartTomcattobesurethechangestakeeffect.
SmokeTestTrytheexampleapplicationwithform-basedloginshippedwithTomcat,http://localhost:8080/examples/jsp/security/protected/Loginaswithpassword.
bjensenhifalutinAtthispointyoucanaddyourownprotectedapplications.
TheApacheTomcatRealmexplainsgenerallyhowtosetthisup.
ConfigurationHOW-TOThisarticledemonstrateshowtosetupTomcat7touseOpenDJwithaJNDIRealmforavirtualhost.
ThebasicsetupsidestepssomeofthecomplexitybyusingasingleOpenDJserver,thoughtheJNDIRealmletsyousetbothconnectionURLsandalternateURLstoallowforfailover.
ThebasicsetupalsodoesnotcoversecuringtheconnectionfromTomcattoOpenDJ.
IfyoudeployOpenDJasanidentitystoreforTomcatinproduction,thenTomcatshouldconnecttoOpenDJusingStartTLSorLDAPStoavoidsendingpasswordsincleartextwhenusersauthenticate.
UsersandRolesinOpenDJInordertohavesometestusers,youcanimportintoadc=example,dc=comsuffixinOpenDJatinstallationtime.
(SeetheExample.
ldifOpenDJInstallationforhelpinstallingthelatestnightlybuildofOpenDJ.
)Hereisasearchonafamousexampleuser:Guide$/path/to/OpenDJ/bin/ldapsearch-p1389-bdc=example,dc=comuid=bjensencnuidmaildn:uid=bjensen,ou=People,dc=example,dc=comuid:bjensencn:BarbaraJensencn:BabsJensenmail:bjensen@example.
comRolesinApacheTomcatmaptogroupsinOpenDJ.
Therefore,defineacoupleofgroupstousewithTomcat.
dn:cn=tomcat,ou=Groups,dc=example,dc=comobjectClass:groupOfUniqueNamesobjectClass:topdescription:Anentryforthe"tomcat"rolecn:tomcatuniqueMember:uid=kvaughan,ou=People,dc=example,dc=comuniqueMember:uid=bjensen,ou=People,dc=example,dc=comdn:cn=role1,ou=Groups,dc=example,dc=comobjectClass:groupOfUniqueNamesobjectClass:topdescription:Anentryforthe"role1"Tomcatrolecn:role1uniqueMember:uid=kvaughan,ou=People,dc=example,dc=comTomcatConfigurationFortheTomcatrealmconfiguration,thefollowingdefinitionconnectstoOpenDJonthelocalhost,port1389(thedefaultLDAPportwhennotrunningasrootonLinuxorUNIX),andletsusersloginby(forexample,BabsJensenlogsinas).
uidbjensenGroupmembershipcomeseitherfromOpenDJgrouplookup,orfromtheattributeontheuserentry.
isMemberOfAddthedefinitionto,forexampleinsidetheelement.
/path/to/tomcat/conf/server.
xmlMakesureOpenDJisrunning,andthenrestartTomcattobesurethechangestakeeffect.
SmokeTestTrytheexampleapplicationwithform-basedloginshippedwithTomcat,http://localhost:8080/examples/jsp/security/protected/Loginaswithpassword.
bjensenhifalutinAtthispointyoucanaddyourownprotectedapplications.
- clearapachetomcat相关文档
- creationapachetomcat
- POJOsapachetomcat
- multiapachetomcat
- authenticaapachetomcat
- removeapachetomcat
- 考勤apachetomcat
青果网络618:洛杉矶CN2 GIA/东京CN2套餐年付199元起,国内高防独服套餐66折
青果网络怎么样?青果网络隶属于泉州市青果网络科技有限公司,青果网络商家成立于2015年4月1日,拥有工信部颁发的全网IDC/ISP/IP-VPN资质,是国内为数不多具有IDC/ISP双资质的综合型云计算服务商。青果网络是APNIC和CNNIC地址分配联盟成员,泉州市互联网协会会员单位,信誉非常有保障。目前,青果网络商家正式开启了618云特惠活动,针对国内外机房都有相应的优惠。点击进入:青果网络官方...
轻云互联22元/月,美国硅谷、圣何塞CN2GIA云服务器,香港沙田cn2建站vps仅25元/月
轻云互联怎么样?轻云互联,广州轻云网络科技有限公司旗下品牌,2018年5月成立以来,轻云互联以性价比的价格一直为提供个人,中大小型企业/团队云上解决方案。本次轻云互联送上的是美国圣何塞cn2 vps(免费50G集群防御)及香港沙田cn2 vps(免费10G集群防御)促销活动,促销产品均为cn2直连中国大陆线路、采用kvm虚拟技术架构及静态内存。目前,轻云互联推出美国硅谷、圣何塞CN2GIA云服务器...
月神科技:香港CN2/洛杉矶CN2/华中电信高防vps,月付20元起
月神科技怎么样?月神科技是由江西月神科技有限公司运营的一家自营云产品的IDC服务商,提供香港安畅、香港沙田、美国CERA、华中电信等机房资源,月神科技有自己的用户群和拥有创宇认证,并且也有电商企业将业务架设在月神科技的平台上。目前,香港CN2云服务器、洛杉矶CN2云主机、华中电信高防vps,月付20元起。点击进入:月神科技官方网站地址月神科技vps优惠信息:香港安畅CN2-GIA低至20元核心:2...
apachetomcat为你推荐
-
空间主机网站服务器,主机,空间 有什么区别?.net虚拟主机.net虚拟主机空间怎么选择,国内虚拟主机哪家比较好,各有什么特色域名代理怎么通过域名赚钱vps虚拟主机虚拟主机和VPS该选择哪个比较好免费vps服务器请推荐一个免费的云服务器?山东虚拟主机济宁梦网科技淘宝虚拟主机我想在淘宝买虚拟主机不知道哪家好?想找长期合作稳定的asp虚拟主机支持ASP MSSQL 的虚拟主机有哪些推荐m3型虚拟主机谁在用中国万网M3虚拟主机?怎么样?域名网站哪里可以给你免费的域名做个网站