clearapachetomcat
apachetomcat 时间:2021-01-11 阅读:()
ConfigureApacheTomcatwithOpenDJasanIdentityStoreApacheTomcatcandocontainermanagedsecurity,whereTomcatconnectstoanidentitydatastoreforuserauthentication.
TheApacheTomcatRealmexplainsgenerallyhowtosetthisup.
ConfigurationHOW-TOThisarticledemonstrateshowtosetupTomcat7touseOpenDJwithaJNDIRealmforavirtualhost.
ThebasicsetupsidestepssomeofthecomplexitybyusingasingleOpenDJserver,thoughtheJNDIRealmletsyousetbothconnectionURLsandalternateURLstoallowforfailover.
ThebasicsetupalsodoesnotcoversecuringtheconnectionfromTomcattoOpenDJ.
IfyoudeployOpenDJasanidentitystoreforTomcatinproduction,thenTomcatshouldconnecttoOpenDJusingStartTLSorLDAPStoavoidsendingpasswordsincleartextwhenusersauthenticate.
UsersandRolesinOpenDJInordertohavesometestusers,youcanimportintoadc=example,dc=comsuffixinOpenDJatinstallationtime.
(SeetheExample.
ldifOpenDJInstallationforhelpinstallingthelatestnightlybuildofOpenDJ.
)Hereisasearchonafamousexampleuser:Guide$/path/to/OpenDJ/bin/ldapsearch-p1389-bdc=example,dc=comuid=bjensencnuidmaildn:uid=bjensen,ou=People,dc=example,dc=comuid:bjensencn:BarbaraJensencn:BabsJensenmail:bjensen@example.
comRolesinApacheTomcatmaptogroupsinOpenDJ.
Therefore,defineacoupleofgroupstousewithTomcat.
dn:cn=tomcat,ou=Groups,dc=example,dc=comobjectClass:groupOfUniqueNamesobjectClass:topdescription:Anentryforthe"tomcat"rolecn:tomcatuniqueMember:uid=kvaughan,ou=People,dc=example,dc=comuniqueMember:uid=bjensen,ou=People,dc=example,dc=comdn:cn=role1,ou=Groups,dc=example,dc=comobjectClass:groupOfUniqueNamesobjectClass:topdescription:Anentryforthe"role1"Tomcatrolecn:role1uniqueMember:uid=kvaughan,ou=People,dc=example,dc=comTomcatConfigurationFortheTomcatrealmconfiguration,thefollowingdefinitionconnectstoOpenDJonthelocalhost,port1389(thedefaultLDAPportwhennotrunningasrootonLinuxorUNIX),andletsusersloginby(forexample,BabsJensenlogsinas).
uidbjensenGroupmembershipcomeseitherfromOpenDJgrouplookup,orfromtheattributeontheuserentry.
isMemberOfAddthedefinitionto,forexampleinsidetheelement.
/path/to/tomcat/conf/server.
xmlMakesureOpenDJisrunning,andthenrestartTomcattobesurethechangestakeeffect.
SmokeTestTrytheexampleapplicationwithform-basedloginshippedwithTomcat,http://localhost:8080/examples/jsp/security/protected/Loginaswithpassword.
bjensenhifalutinAtthispointyoucanaddyourownprotectedapplications.
TheApacheTomcatRealmexplainsgenerallyhowtosetthisup.
ConfigurationHOW-TOThisarticledemonstrateshowtosetupTomcat7touseOpenDJwithaJNDIRealmforavirtualhost.
ThebasicsetupsidestepssomeofthecomplexitybyusingasingleOpenDJserver,thoughtheJNDIRealmletsyousetbothconnectionURLsandalternateURLstoallowforfailover.
ThebasicsetupalsodoesnotcoversecuringtheconnectionfromTomcattoOpenDJ.
IfyoudeployOpenDJasanidentitystoreforTomcatinproduction,thenTomcatshouldconnecttoOpenDJusingStartTLSorLDAPStoavoidsendingpasswordsincleartextwhenusersauthenticate.
UsersandRolesinOpenDJInordertohavesometestusers,youcanimportintoadc=example,dc=comsuffixinOpenDJatinstallationtime.
(SeetheExample.
ldifOpenDJInstallationforhelpinstallingthelatestnightlybuildofOpenDJ.
)Hereisasearchonafamousexampleuser:Guide$/path/to/OpenDJ/bin/ldapsearch-p1389-bdc=example,dc=comuid=bjensencnuidmaildn:uid=bjensen,ou=People,dc=example,dc=comuid:bjensencn:BarbaraJensencn:BabsJensenmail:bjensen@example.
comRolesinApacheTomcatmaptogroupsinOpenDJ.
Therefore,defineacoupleofgroupstousewithTomcat.
dn:cn=tomcat,ou=Groups,dc=example,dc=comobjectClass:groupOfUniqueNamesobjectClass:topdescription:Anentryforthe"tomcat"rolecn:tomcatuniqueMember:uid=kvaughan,ou=People,dc=example,dc=comuniqueMember:uid=bjensen,ou=People,dc=example,dc=comdn:cn=role1,ou=Groups,dc=example,dc=comobjectClass:groupOfUniqueNamesobjectClass:topdescription:Anentryforthe"role1"Tomcatrolecn:role1uniqueMember:uid=kvaughan,ou=People,dc=example,dc=comTomcatConfigurationFortheTomcatrealmconfiguration,thefollowingdefinitionconnectstoOpenDJonthelocalhost,port1389(thedefaultLDAPportwhennotrunningasrootonLinuxorUNIX),andletsusersloginby(forexample,BabsJensenlogsinas).
uidbjensenGroupmembershipcomeseitherfromOpenDJgrouplookup,orfromtheattributeontheuserentry.
isMemberOfAddthedefinitionto,forexampleinsidetheelement.
/path/to/tomcat/conf/server.
xmlMakesureOpenDJisrunning,andthenrestartTomcattobesurethechangestakeeffect.
SmokeTestTrytheexampleapplicationwithform-basedloginshippedwithTomcat,http://localhost:8080/examples/jsp/security/protected/Loginaswithpassword.
bjensenhifalutinAtthispointyoucanaddyourownprotectedapplications.
- clearapachetomcat相关文档
- creationapachetomcat
- POJOsapachetomcat
- multiapachetomcat
- authenticaapachetomcat
- removeapachetomcat
- 考勤apachetomcat
Fiberia.io:$2.9/月KVM-4GB/50GB/2TB/荷兰机房
Fiberia.io是个新站,跟ViridWeb.com同一家公司的,主要提供基于KVM架构的VPS主机,数据中心在荷兰Dronten。商家的主机价格不算贵,比如4GB内存套餐每月2.9美元起,采用SSD硬盘,1Gbps网络端口,提供IPv4+IPv6,支持PayPal付款,有7天退款承诺,感兴趣的可以试一试,年付有优惠但建议月付为宜。下面列出几款主机配置信息。CPU:1core内存:4GB硬盘:...
Hosteons:新上1Gbps带宽KVM主机$21/年起,AMD Ryzen CPU+NVMe高性能主机$24/年起_韩国便宜服务器
我们在去年12月分享过Hosteons新上AMD Ryzen9 3900X CPU及DDR4内存、NVMe硬盘的高性能VPS产品的消息,目前商家再次发布了产品更新信息,暂停新开100M带宽KVM套餐,新订单转而升级为新的Budget KVM VPS(SSD)系列,带宽为1Gbps端口,且配置大幅升级,目前100M带宽仅保留OpenVZ架构产品可新订购,所有原有主机不变,用户一直续费一直可用。Bud...
无法忍受旧版不兼容PHP7+主题 更换新主题
今天父亲节我们有没有陪伴家人一起吃个饭,还是打个电话问候一下。前一段时间同学将网站账户给我说可以有空更新点信息确保他在没有时间的时候还能保持网站有一定的更新内容。不过,他这个网站之前采用的主题也不知道来源哪里,总之各种不合适,文件中很多都是他多年来手工修改的主题拼接的,并非完全适应WordPress已有的函数,有些函数还不兼容最新的PHP版本,于是每次出现问题都要去排查。于是和他商量后,就抽时间把...
apachetomcat为你推荐
-
域名注册com注册一个.com的域名需要多少钱虚拟主机价格谁知道租虚拟主机多少钱?国际域名国际域名是什么?独立ip空间大家都来看看,下面哪个独立IP空间好域名注册公司国内正规的国别域名注册商是哪家?外国虚拟主机为什么淘宝上的 外国的虚拟主机 这么便宜?域名注册查询如何查域名注册信息免费网站域名申请那里 可以申请免费的 网站域名啊??免备案虚拟空间香港免备案虚拟主机空间怎么样虚拟空间免费试用哪有免费试用的虚拟主机?