clearapachetomcat
apachetomcat 时间:2021-01-11 阅读:()
ConfigureApacheTomcatwithOpenDJasanIdentityStoreApacheTomcatcandocontainermanagedsecurity,whereTomcatconnectstoanidentitydatastoreforuserauthentication.
TheApacheTomcatRealmexplainsgenerallyhowtosetthisup.
ConfigurationHOW-TOThisarticledemonstrateshowtosetupTomcat7touseOpenDJwithaJNDIRealmforavirtualhost.
ThebasicsetupsidestepssomeofthecomplexitybyusingasingleOpenDJserver,thoughtheJNDIRealmletsyousetbothconnectionURLsandalternateURLstoallowforfailover.
ThebasicsetupalsodoesnotcoversecuringtheconnectionfromTomcattoOpenDJ.
IfyoudeployOpenDJasanidentitystoreforTomcatinproduction,thenTomcatshouldconnecttoOpenDJusingStartTLSorLDAPStoavoidsendingpasswordsincleartextwhenusersauthenticate.
UsersandRolesinOpenDJInordertohavesometestusers,youcanimportintoadc=example,dc=comsuffixinOpenDJatinstallationtime.
(SeetheExample.
ldifOpenDJInstallationforhelpinstallingthelatestnightlybuildofOpenDJ.
)Hereisasearchonafamousexampleuser:Guide$/path/to/OpenDJ/bin/ldapsearch-p1389-bdc=example,dc=comuid=bjensencnuidmaildn:uid=bjensen,ou=People,dc=example,dc=comuid:bjensencn:BarbaraJensencn:BabsJensenmail:bjensen@example.
comRolesinApacheTomcatmaptogroupsinOpenDJ.
Therefore,defineacoupleofgroupstousewithTomcat.
dn:cn=tomcat,ou=Groups,dc=example,dc=comobjectClass:groupOfUniqueNamesobjectClass:topdescription:Anentryforthe"tomcat"rolecn:tomcatuniqueMember:uid=kvaughan,ou=People,dc=example,dc=comuniqueMember:uid=bjensen,ou=People,dc=example,dc=comdn:cn=role1,ou=Groups,dc=example,dc=comobjectClass:groupOfUniqueNamesobjectClass:topdescription:Anentryforthe"role1"Tomcatrolecn:role1uniqueMember:uid=kvaughan,ou=People,dc=example,dc=comTomcatConfigurationFortheTomcatrealmconfiguration,thefollowingdefinitionconnectstoOpenDJonthelocalhost,port1389(thedefaultLDAPportwhennotrunningasrootonLinuxorUNIX),andletsusersloginby(forexample,BabsJensenlogsinas).
uidbjensenGroupmembershipcomeseitherfromOpenDJgrouplookup,orfromtheattributeontheuserentry.
isMemberOfAddthedefinitionto,forexampleinsidetheelement.
/path/to/tomcat/conf/server.
xmlMakesureOpenDJisrunning,andthenrestartTomcattobesurethechangestakeeffect.
SmokeTestTrytheexampleapplicationwithform-basedloginshippedwithTomcat,http://localhost:8080/examples/jsp/security/protected/Loginaswithpassword.
bjensenhifalutinAtthispointyoucanaddyourownprotectedapplications.
TheApacheTomcatRealmexplainsgenerallyhowtosetthisup.
ConfigurationHOW-TOThisarticledemonstrateshowtosetupTomcat7touseOpenDJwithaJNDIRealmforavirtualhost.
ThebasicsetupsidestepssomeofthecomplexitybyusingasingleOpenDJserver,thoughtheJNDIRealmletsyousetbothconnectionURLsandalternateURLstoallowforfailover.
ThebasicsetupalsodoesnotcoversecuringtheconnectionfromTomcattoOpenDJ.
IfyoudeployOpenDJasanidentitystoreforTomcatinproduction,thenTomcatshouldconnecttoOpenDJusingStartTLSorLDAPStoavoidsendingpasswordsincleartextwhenusersauthenticate.
UsersandRolesinOpenDJInordertohavesometestusers,youcanimportintoadc=example,dc=comsuffixinOpenDJatinstallationtime.
(SeetheExample.
ldifOpenDJInstallationforhelpinstallingthelatestnightlybuildofOpenDJ.
)Hereisasearchonafamousexampleuser:Guide$/path/to/OpenDJ/bin/ldapsearch-p1389-bdc=example,dc=comuid=bjensencnuidmaildn:uid=bjensen,ou=People,dc=example,dc=comuid:bjensencn:BarbaraJensencn:BabsJensenmail:bjensen@example.
comRolesinApacheTomcatmaptogroupsinOpenDJ.
Therefore,defineacoupleofgroupstousewithTomcat.
dn:cn=tomcat,ou=Groups,dc=example,dc=comobjectClass:groupOfUniqueNamesobjectClass:topdescription:Anentryforthe"tomcat"rolecn:tomcatuniqueMember:uid=kvaughan,ou=People,dc=example,dc=comuniqueMember:uid=bjensen,ou=People,dc=example,dc=comdn:cn=role1,ou=Groups,dc=example,dc=comobjectClass:groupOfUniqueNamesobjectClass:topdescription:Anentryforthe"role1"Tomcatrolecn:role1uniqueMember:uid=kvaughan,ou=People,dc=example,dc=comTomcatConfigurationFortheTomcatrealmconfiguration,thefollowingdefinitionconnectstoOpenDJonthelocalhost,port1389(thedefaultLDAPportwhennotrunningasrootonLinuxorUNIX),andletsusersloginby(forexample,BabsJensenlogsinas).
uidbjensenGroupmembershipcomeseitherfromOpenDJgrouplookup,orfromtheattributeontheuserentry.
isMemberOfAddthedefinitionto,forexampleinsidetheelement.
/path/to/tomcat/conf/server.
xmlMakesureOpenDJisrunning,andthenrestartTomcattobesurethechangestakeeffect.
SmokeTestTrytheexampleapplicationwithform-basedloginshippedwithTomcat,http://localhost:8080/examples/jsp/security/protected/Loginaswithpassword.
bjensenhifalutinAtthispointyoucanaddyourownprotectedapplications.
- clearapachetomcat相关文档
- creationapachetomcat
- POJOsapachetomcat
- multiapachetomcat
- authenticaapachetomcat
- removeapachetomcat
- 考勤apachetomcat
DMIT:新推出美国cn2 gia线路高性能 AMD EPYC/不限流量VPS(Premium Unmetered)$179.99/月起
DMIT,最近动作频繁,前几天刚刚上架了日本lite版VPS,正在酝酿上线日本高级网络VPS,又差不多在同一时间推出了美国cn2 gia线路不限流量的美国云服务器,不过价格太过昂贵。丐版只有30M带宽,月付179.99 美元 !!目前美国云服务器已经有个4个套餐,分别是,Premium(cn2 gia线路)、Lite(普通直连)、Premium Secure(带高防的cn2 gia线路),Prem...
HostKvm香港VPS七折:$5.95/月KVM-2GB内存/40GB硬盘/500GB月流量
HostKvm是一家成立于2013年的国外主机服务商,主要提供VPS主机,基于KVM架构,可选数据中心包括日本、新加坡、韩国、美国、俄罗斯、中国香港等多个地区机房,均为国内直连或优化线路,延迟较低,适合建站或者远程办公等。商家本月针对香港国际机房提供特别7折优惠码,其他机房全场8折,优惠后2G内存香港VPS每月5.95美元起,支持使用PayPal或者支付宝付款。下面以香港国际(HKGlobal)为...
HostYun 新上美国CN2 GIA VPS 月15元
HostYun 商家以前是玩具主机商,这两年好像发展还挺迅速的,有点在要做点事情的味道。在前面也有多次介绍到HostYun商家新增的多款机房方案,价格相对还是比较便宜的。到目前为止,我们可以看到商家提供的VPS主机包括KVM和XEN架构,数据中心可选日本、韩国、香港和美国的多个地区机房,电信双程CN2 GIA线路,香港和日本机房,均为国内直连线路。近期,HostYun上线低价版美国CN2 GIA ...
apachetomcat为你推荐
-
美国主机租用美国服务器租用整的这么便宜 啊英文域名中文域名与英文域名区别域名主机域名和主机名之间的区别是什么免费网站域名申请怎么免费上传我的网站呀和免费申请域名虚拟主机申请个人虚拟主机怎么申请?域名备案买域名要备案吗免费网站空间免费个人网站 空间北京网站空间网站空间哪里的好,山东虚拟主机山东东营制作网站的公司在哪里?大连虚拟主机大连建网站哪里好?