clearapachetomcat
apachetomcat 时间:2021-01-11 阅读:()
ConfigureApacheTomcatwithOpenDJasanIdentityStoreApacheTomcatcandocontainermanagedsecurity,whereTomcatconnectstoanidentitydatastoreforuserauthentication.
TheApacheTomcatRealmexplainsgenerallyhowtosetthisup.
ConfigurationHOW-TOThisarticledemonstrateshowtosetupTomcat7touseOpenDJwithaJNDIRealmforavirtualhost.
ThebasicsetupsidestepssomeofthecomplexitybyusingasingleOpenDJserver,thoughtheJNDIRealmletsyousetbothconnectionURLsandalternateURLstoallowforfailover.
ThebasicsetupalsodoesnotcoversecuringtheconnectionfromTomcattoOpenDJ.
IfyoudeployOpenDJasanidentitystoreforTomcatinproduction,thenTomcatshouldconnecttoOpenDJusingStartTLSorLDAPStoavoidsendingpasswordsincleartextwhenusersauthenticate.
UsersandRolesinOpenDJInordertohavesometestusers,youcanimportintoadc=example,dc=comsuffixinOpenDJatinstallationtime.
(SeetheExample.
ldifOpenDJInstallationforhelpinstallingthelatestnightlybuildofOpenDJ.
)Hereisasearchonafamousexampleuser:Guide$/path/to/OpenDJ/bin/ldapsearch-p1389-bdc=example,dc=comuid=bjensencnuidmaildn:uid=bjensen,ou=People,dc=example,dc=comuid:bjensencn:BarbaraJensencn:BabsJensenmail:bjensen@example.
comRolesinApacheTomcatmaptogroupsinOpenDJ.
Therefore,defineacoupleofgroupstousewithTomcat.
dn:cn=tomcat,ou=Groups,dc=example,dc=comobjectClass:groupOfUniqueNamesobjectClass:topdescription:Anentryforthe"tomcat"rolecn:tomcatuniqueMember:uid=kvaughan,ou=People,dc=example,dc=comuniqueMember:uid=bjensen,ou=People,dc=example,dc=comdn:cn=role1,ou=Groups,dc=example,dc=comobjectClass:groupOfUniqueNamesobjectClass:topdescription:Anentryforthe"role1"Tomcatrolecn:role1uniqueMember:uid=kvaughan,ou=People,dc=example,dc=comTomcatConfigurationFortheTomcatrealmconfiguration,thefollowingdefinitionconnectstoOpenDJonthelocalhost,port1389(thedefaultLDAPportwhennotrunningasrootonLinuxorUNIX),andletsusersloginby(forexample,BabsJensenlogsinas).
uidbjensenGroupmembershipcomeseitherfromOpenDJgrouplookup,orfromtheattributeontheuserentry.
isMemberOfAddthedefinitionto,forexampleinsidetheelement.
/path/to/tomcat/conf/server.
xmlMakesureOpenDJisrunning,andthenrestartTomcattobesurethechangestakeeffect.
SmokeTestTrytheexampleapplicationwithform-basedloginshippedwithTomcat,http://localhost:8080/examples/jsp/security/protected/Loginaswithpassword.
bjensenhifalutinAtthispointyoucanaddyourownprotectedapplications.
TheApacheTomcatRealmexplainsgenerallyhowtosetthisup.
ConfigurationHOW-TOThisarticledemonstrateshowtosetupTomcat7touseOpenDJwithaJNDIRealmforavirtualhost.
ThebasicsetupsidestepssomeofthecomplexitybyusingasingleOpenDJserver,thoughtheJNDIRealmletsyousetbothconnectionURLsandalternateURLstoallowforfailover.
ThebasicsetupalsodoesnotcoversecuringtheconnectionfromTomcattoOpenDJ.
IfyoudeployOpenDJasanidentitystoreforTomcatinproduction,thenTomcatshouldconnecttoOpenDJusingStartTLSorLDAPStoavoidsendingpasswordsincleartextwhenusersauthenticate.
UsersandRolesinOpenDJInordertohavesometestusers,youcanimportintoadc=example,dc=comsuffixinOpenDJatinstallationtime.
(SeetheExample.
ldifOpenDJInstallationforhelpinstallingthelatestnightlybuildofOpenDJ.
)Hereisasearchonafamousexampleuser:Guide$/path/to/OpenDJ/bin/ldapsearch-p1389-bdc=example,dc=comuid=bjensencnuidmaildn:uid=bjensen,ou=People,dc=example,dc=comuid:bjensencn:BarbaraJensencn:BabsJensenmail:bjensen@example.
comRolesinApacheTomcatmaptogroupsinOpenDJ.
Therefore,defineacoupleofgroupstousewithTomcat.
dn:cn=tomcat,ou=Groups,dc=example,dc=comobjectClass:groupOfUniqueNamesobjectClass:topdescription:Anentryforthe"tomcat"rolecn:tomcatuniqueMember:uid=kvaughan,ou=People,dc=example,dc=comuniqueMember:uid=bjensen,ou=People,dc=example,dc=comdn:cn=role1,ou=Groups,dc=example,dc=comobjectClass:groupOfUniqueNamesobjectClass:topdescription:Anentryforthe"role1"Tomcatrolecn:role1uniqueMember:uid=kvaughan,ou=People,dc=example,dc=comTomcatConfigurationFortheTomcatrealmconfiguration,thefollowingdefinitionconnectstoOpenDJonthelocalhost,port1389(thedefaultLDAPportwhennotrunningasrootonLinuxorUNIX),andletsusersloginby(forexample,BabsJensenlogsinas).
uidbjensenGroupmembershipcomeseitherfromOpenDJgrouplookup,orfromtheattributeontheuserentry.
isMemberOfAddthedefinitionto,forexampleinsidetheelement.
/path/to/tomcat/conf/server.
xmlMakesureOpenDJisrunning,andthenrestartTomcattobesurethechangestakeeffect.
SmokeTestTrytheexampleapplicationwithform-basedloginshippedwithTomcat,http://localhost:8080/examples/jsp/security/protected/Loginaswithpassword.
bjensenhifalutinAtthispointyoucanaddyourownprotectedapplications.
- clearapachetomcat相关文档
- creationapachetomcat
- POJOsapachetomcat
- multiapachetomcat
- authenticaapachetomcat
- removeapachetomcat
- 考勤apachetomcat
HostKvm四月优惠:VPS主机全场八折,香港/美国洛杉矶机房$5.2/月起
HostKvm是一家成立于2013年的国外主机服务商,主要提供基于KVM架构的VPS主机,可选数据中心包括日本、新加坡、韩国、美国、中国香港等多个地区机房,均为国内直连或优化线路,延迟较低,适合建站或者远程办公等。本月商家针对全场VPS主机提供8折优惠码,优惠后美国洛杉矶VPS月付5.2美元起。下面列出几款不同机房VPS主机产品配置信息。套餐:美国US-Plan0CPU:1cores内存:1GB硬...
knownhost西雅图/亚特兰大/阿姆斯特丹$5/月,2个IP1G内存/1核/20gSSD/1T流量
美国知名管理型主机公司,2006年运作至今,虚拟主机、VPS、云服务器、独立服务器等业务全部采用“managed”,也就是人工参与度高,很多事情都可以人工帮你处理,不过一直以来价格也贵。也不知道knownhost什么时候开始运作无管理型业务的,估计是为了扩展市场吧,反正是出来较长时间了。闲来无事,那就给大家介绍下“unmanaged VPS”,也就是无管理型VPS,低至5美元/月,基于KVM虚拟,...
飞讯云E5-2678V3 64GB,湖北十堰100G高防物理机330元/月
飞讯云官网“飞讯云”是湖北飞讯网络有限公司旗下的云计算服务品牌,专注为个人开发者用户、中小型、大型企业用户提供一站式核心网络云端部署服务,促使用户云端部署化简为零,轻松快捷运用云计算。飞讯云是国内为数不多具有ISP/IDC双资质的专业云计算服务商,同时持有系统软件著作权证书、CNNIC地址分配联盟成员证书,通过了ISO27001信息安全管理体系国际认证、ISO9001质量保证体系国际认证。 《中华...
apachetomcat为你推荐
-
域名备案查询怎么查看域名在什么空间备案的?虚拟主机推荐有哪些好的虚拟主机推荐vps试用求个免费现成的vps(可永久可试用)免费网站域名申请哪里可以申请到免费网站域名?空间域名空间域名什么意思asp网站空间什么是ASP空间?虚拟主机是什么什么是虚拟主机?apache虚拟主机如何用Apache配置安全虚拟主机 - PHP进阶讨论虚拟主机mysql我申请的虚拟主机 ,是MYSQL数据库,但是我安装好网页后,需要更改的数据库地址是我默认的还是找卖家咨询?新加坡虚拟主机请问新网的虚拟主机靠谱吗?