
How do I set up Tomcat with authentication in LDAP?

"How to use LDAP for authentication in Tomcat with Custom Authorization"

"LDAP authentication via web.xml in Tomcat"

"LDAP Authentication Requirements and How to do it"

I seem to not be the only one struggling with this issue. With the current configuration, I can authenticate with my LDAP users and not with system or tomcat users. The problem is that whenever I'm logged in, I'm denied access to the files I should see.

I currently have a web.xml with the following info

<security-constraint>
    <web-resource-collection>
        <web-resource-name>Nrt</web-resource-name>
        <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>admin</role-name>
    </auth-constraint>
</security-constraint>
<login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>Home</realm-name>
</login-config>

and a server.xml with the following content

<Realm className="org.apache.catalina.realm.JNDIRealm"
             connectionURL="ldap://192.168.75.146:389"
             userPattern="uid={0},ou=people,dc=localhost,dc=localdomain"
             roleBase="cn=admin,ou=group,dc=localhost,dc=localdomain"
             roleName="cn"
             roleSearch="memberUid={1}"
             debug="99"/>

I have tried to find documentation around the net, but I'm simply stuck. So far, I've managed to access it without LDAP users, or log in with LDAP users and not access the files.

Any help would be greatly appreciated.

If I understand it correctly, you can authenticate via LDAP but the authorization piece is not working as expected. Based on the information you have provided, you are missing the mapping between your roles and your groups. You can find the instructions here
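
An added example, not part of the original question or answer and not Tomcat's code: a simplified Python model of how a JNDIRealm role search uses roleBase, roleSearch and roleName, run against the realm settings from the question. The in-memory directory, the users jdoe and asmith, and the posixGroup-style layout are constructed assumptions; the model handles only a single equality filter.

```python
# Simplified model of a JNDIRealm-style role search (illustrative, not Tomcat's code).
# Constructed directory: DN -> attributes. The posixGroup layout is an assumption.
BASE = "dc=localhost,dc=localdomain"
DIRECTORY = {
    f"uid=jdoe,ou=people,{BASE}": {"uid": ["jdoe"]},
    f"ou=group,{BASE}": {"ou": ["group"]},
    f"cn=admin,ou=group,{BASE}": {"cn": ["admin"], "memberUid": ["jdoe"]},
    f"cn=users,ou=group,{BASE}": {"cn": ["users"], "memberUid": ["jdoe", "asmith"]},
}

def parent(dn):
    """DN of the parent entry (naive split; fine for these constructed DNs)."""
    return dn.split(",", 1)[1] if "," in dn else ""

def in_scope(dn, base, subtree):
    """One-level scope covers direct children of base only, never base itself."""
    if subtree:
        return dn == base or dn.endswith("," + base)
    return parent(dn) == base

def roles_for(username, realm):
    """Return the set of role names the modelled realm assigns to username."""
    user_dn = realm["userPattern"].replace("{0}", username)
    # In roleSearch, {0} is the user's DN and {1} is the login name.
    flt = realm["roleSearch"].replace("{0}", user_dn).replace("{1}", username)
    attr, _, value = flt.strip("()").partition("=")  # single equality filter only
    roles = set()
    for dn, attrs in DIRECTORY.items():
        if in_scope(dn, realm["roleBase"], realm.get("roleSubtree", False)):
            if value in attrs.get(attr, []):
                roles.update(attrs.get(realm["roleName"], []))
    return roles

def allowed(username, realm, required="admin"):
    """Mirror of the web.xml auth-constraint: the user must hold the role."""
    return required in roles_for(username, realm)

# Realm attributes exactly as posted in the question.
QUESTION_REALM = {
    "userPattern": f"uid={{0}},ou=people,{BASE}",
    "roleBase": f"cn=admin,ou=group,{BASE}",
    "roleName": "cn",
    "roleSearch": "memberUid={1}",
}
# Same realm with roleBase moved up to the container that holds the groups.
ADJUSTED_REALM = dict(QUESTION_REALM, roleBase=f"ou=group,{BASE}")

if __name__ == "__main__":
    for name, realm in (("question", QUESTION_REALM), ("adjusted", ADJUSTED_REALM)):
        print(name, sorted(roles_for("jdoe", realm)), allowed("jdoe", realm))
```

In this model the question's roleBase names the cn=admin entry itself, so the default one-level search looks only at that entry's children and returns no roles, which matches a login that succeeds but is then denied. Pointing roleBase at ou=group, or enabling roleSubtree, lets the admin group match.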
