clearapachetomcat
apachetomcat 时间:2021-01-11 阅读:()
ConfigureApacheTomcatwithOpenDJasanIdentityStoreApacheTomcatcandocontainermanagedsecurity,whereTomcatconnectstoanidentitydatastoreforuserauthentication.
TheApacheTomcatRealmexplainsgenerallyhowtosetthisup.
ConfigurationHOW-TOThisarticledemonstrateshowtosetupTomcat7touseOpenDJwithaJNDIRealmforavirtualhost.
ThebasicsetupsidestepssomeofthecomplexitybyusingasingleOpenDJserver,thoughtheJNDIRealmletsyousetbothconnectionURLsandalternateURLstoallowforfailover.
ThebasicsetupalsodoesnotcoversecuringtheconnectionfromTomcattoOpenDJ.
IfyoudeployOpenDJasanidentitystoreforTomcatinproduction,thenTomcatshouldconnecttoOpenDJusingStartTLSorLDAPStoavoidsendingpasswordsincleartextwhenusersauthenticate.
UsersandRolesinOpenDJInordertohavesometestusers,youcanimportintoadc=example,dc=comsuffixinOpenDJatinstallationtime.
(SeetheExample.
ldifOpenDJInstallationforhelpinstallingthelatestnightlybuildofOpenDJ.
)Hereisasearchonafamousexampleuser:Guide$/path/to/OpenDJ/bin/ldapsearch-p1389-bdc=example,dc=comuid=bjensencnuidmaildn:uid=bjensen,ou=People,dc=example,dc=comuid:bjensencn:BarbaraJensencn:BabsJensenmail:bjensen@example.
comRolesinApacheTomcatmaptogroupsinOpenDJ.
Therefore,defineacoupleofgroupstousewithTomcat.
dn:cn=tomcat,ou=Groups,dc=example,dc=comobjectClass:groupOfUniqueNamesobjectClass:topdescription:Anentryforthe"tomcat"rolecn:tomcatuniqueMember:uid=kvaughan,ou=People,dc=example,dc=comuniqueMember:uid=bjensen,ou=People,dc=example,dc=comdn:cn=role1,ou=Groups,dc=example,dc=comobjectClass:groupOfUniqueNamesobjectClass:topdescription:Anentryforthe"role1"Tomcatrolecn:role1uniqueMember:uid=kvaughan,ou=People,dc=example,dc=comTomcatConfigurationFortheTomcatrealmconfiguration,thefollowingdefinitionconnectstoOpenDJonthelocalhost,port1389(thedefaultLDAPportwhennotrunningasrootonLinuxorUNIX),andletsusersloginby(forexample,BabsJensenlogsinas).
uidbjensenGroupmembershipcomeseitherfromOpenDJgrouplookup,orfromtheattributeontheuserentry.
isMemberOfAddthedefinitionto,forexampleinsidetheelement.
/path/to/tomcat/conf/server.
xmlMakesureOpenDJisrunning,andthenrestartTomcattobesurethechangestakeeffect.
SmokeTestTrytheexampleapplicationwithform-basedloginshippedwithTomcat,http://localhost:8080/examples/jsp/security/protected/Loginaswithpassword.
bjensenhifalutinAtthispointyoucanaddyourownprotectedapplications.
TheApacheTomcatRealmexplainsgenerallyhowtosetthisup.
ConfigurationHOW-TOThisarticledemonstrateshowtosetupTomcat7touseOpenDJwithaJNDIRealmforavirtualhost.
ThebasicsetupsidestepssomeofthecomplexitybyusingasingleOpenDJserver,thoughtheJNDIRealmletsyousetbothconnectionURLsandalternateURLstoallowforfailover.
ThebasicsetupalsodoesnotcoversecuringtheconnectionfromTomcattoOpenDJ.
IfyoudeployOpenDJasanidentitystoreforTomcatinproduction,thenTomcatshouldconnecttoOpenDJusingStartTLSorLDAPStoavoidsendingpasswordsincleartextwhenusersauthenticate.
UsersandRolesinOpenDJInordertohavesometestusers,youcanimportintoadc=example,dc=comsuffixinOpenDJatinstallationtime.
(SeetheExample.
ldifOpenDJInstallationforhelpinstallingthelatestnightlybuildofOpenDJ.
)Hereisasearchonafamousexampleuser:Guide$/path/to/OpenDJ/bin/ldapsearch-p1389-bdc=example,dc=comuid=bjensencnuidmaildn:uid=bjensen,ou=People,dc=example,dc=comuid:bjensencn:BarbaraJensencn:BabsJensenmail:bjensen@example.
comRolesinApacheTomcatmaptogroupsinOpenDJ.
Therefore,defineacoupleofgroupstousewithTomcat.
dn:cn=tomcat,ou=Groups,dc=example,dc=comobjectClass:groupOfUniqueNamesobjectClass:topdescription:Anentryforthe"tomcat"rolecn:tomcatuniqueMember:uid=kvaughan,ou=People,dc=example,dc=comuniqueMember:uid=bjensen,ou=People,dc=example,dc=comdn:cn=role1,ou=Groups,dc=example,dc=comobjectClass:groupOfUniqueNamesobjectClass:topdescription:Anentryforthe"role1"Tomcatrolecn:role1uniqueMember:uid=kvaughan,ou=People,dc=example,dc=comTomcatConfigurationFortheTomcatrealmconfiguration,thefollowingdefinitionconnectstoOpenDJonthelocalhost,port1389(thedefaultLDAPportwhennotrunningasrootonLinuxorUNIX),andletsusersloginby(forexample,BabsJensenlogsinas).
uidbjensenGroupmembershipcomeseitherfromOpenDJgrouplookup,orfromtheattributeontheuserentry.
isMemberOfAddthedefinitionto,forexampleinsidetheelement.
/path/to/tomcat/conf/server.
xmlMakesureOpenDJisrunning,andthenrestartTomcattobesurethechangestakeeffect.
SmokeTestTrytheexampleapplicationwithform-basedloginshippedwithTomcat,http://localhost:8080/examples/jsp/security/protected/Loginaswithpassword.
bjensenhifalutinAtthispointyoucanaddyourownprotectedapplications.
- clearapachetomcat相关文档
- creationapachetomcat
- POJOsapachetomcat
- multiapachetomcat
- authenticaapachetomcat
- removeapachetomcat
- 考勤apachetomcat
云基最高500G DDoS无视CC攻击(Yunbase),洛杉矶CN2GIA、国内外高防服务器
云基成立于2020年,目前主要提供高防海内外独立服务器用户,欢迎各类追求稳定和高防优质线路的用户。业务可选:洛杉矶CN2-GIA+高防(默认500G高防)、洛杉矶CN2-GIA(默认带50Gbps防御)、香港CN2-GIA高防(双向CN2GIA专线,突发带宽支持,15G-20G DDoS防御,无视CC)、国内高防服务器(广州移动、北京多线、石家庄BGP、保定联通、扬州BGP、厦门BGP、厦门电信、...
一键去除宝塔面板各种计算题与延时等待
现在宝塔面板真的是越来越过分了,删除文件、删除数据库、删除站点等操作都需要做计算题!我今天升级到7.7版本,发现删除数据库竟然还加了几秒的延时等待,也无法跳过!宝塔的老板该不会是小学数学老师吧,那么喜欢让我们做计算题!因此我写了个js用于去除各种计算题以及延时等待,同时还去除了软件列表页面的bt企业版广告。只需要执行以下命令即可一键完成!复制以下命令在SSH界面执行:Layout_file="/w...
香港站群多ip服务器多少钱?零途云香港站群云服务器怎么样?
香港站群多ip服务器多少钱?想做好站群的SEO优化,最好给每个网站都分配一个独立IP,这样每个网站之间才不会受到影响。对做站群的站长来说,租用一家性价比高且提供多IP的香港多ip站群服务器很有必要。零途云推出的香港多ip站群云服务器多达256个IP,可以满足站群的优化需求,而且性价比非常高。那么,香港多ip站群云服务器价格多少钱一个月?选择什么样的香港多IP站群云服务器比较好呢?今天,小编带大家一...
apachetomcat为你推荐
-
网络域名注册怎么申请网络域名注册,以及网站的建设?网站空间租赁租用哪个网站空间最好?国外虚拟主机国外虚拟主机速度怎么样?英文域名中文域名和英文域名有什么区别,越具体越好域名主机域名和主机名之间的区别是什么免费网站域名申请哪有里可以申请免费域名的网站?ip代理地址使用IP代理会有什么坏处吗?ip代理地址IP代理什么意思?域名备案域名需要备案吗?网站空间免备案免备案网站空间哪个好