Posted to users@tomcat.apache.org by Jens Neu <je...@biotronik.com> on 2013/08/06 12:44:19 UTC

LDAP/Realm with TLS in Tomcat 6/7?

Dear all,

is there a lib/method/whatever to achieve Realm Auth in Tomcat > 5.x where 
username/password are protected by TLS? 
org.apache.catalina.realm.JNDIRealm works with Tomcat 5, but not in 6 :-(

best regards

Jens



Re: LDAP/Realm with TLS in Tomcat 6/7?

Posted by Christopher Schultz <ch...@christopherschultz.net>.

Jens,

Please ignore Martin's response, because:

a) It incorrectly identifies the issue (Connector versus Realm)
b) Gives you a link to outdated documentation (3 versions older)

-chris

On 8/6/13 8:21 AM, Martin Gainty wrote:
> you will need to supply any security credentials to that  layer and
> inform the connector you are using protocol="TLS" and match each
> attribute to attribute from the supplied key package (.pfx/.p7b)
> 
> http://tomcat.apache.org/tomcat-4.1-doc/ssl-howto.html
> 
> HTH, Martin
>
> 
>> Date: Tue, 6 Aug 2013 13:36:41 +0200
>> From: ognjen.d.blagojevic@gmail.com
>> To: users@tomcat.apache.org
>> Subject: Re: LDAP/Realm with TLS in Tomcat 6/7?
>> 
>> Jens,
>> 
>> On 6.8.2013 12:44, Jens Neu wrote:
>>> is there a lib/method/whatever to achieve Realm Auth in Tomcat > 5.x where
>>> username/password are protected by TLS?
>> 
>> I never tried it myself, but you might find these links useful:
>> 
>> https://wiki.apache.org/tomcat/JNDI_startTLs_HowTo 
>> https://issues.apache.org/bugzilla/show_bug.cgi?id=49785 
>> https://www.mail-archive.com/users@tomcat.apache.org/msg80660.html
>>
>>> org.apache.catalina.realm.JNDIRealm works with Tomcat 5, but not in 6 :-(
>> 
>> JNDIRealm should work just fine in any supported Tomcat version.
>> If you have any problems with it, please report it here.
>> 
>> BTW, if you are already upgrading, you may consider to upgrade
>> directly to latest Tomcat 7, to save yourself from doing two
>> upgrades.
>> 
>> -Ognjen
>> 

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


RE: LDAP/Realm with TLS in Tomcat 6/7?

Posted by Martin Gainty <mg...@hotmail.com>.
you will need to supply any security credentials to that  layer and inform the connector you are using protocol="TLS" 
and match each attribute to attribute from the supplied key package (.pfx/.p7b)
 
http://tomcat.apache.org/tomcat-4.1-doc/ssl-howto.html
 
HTH,
Martin 
 
> Date: Tue, 6 Aug 2013 13:36:41 +0200
> From: ognjen.d.blagojevic@gmail.com
> To: users@tomcat.apache.org
> Subject: Re: LDAP/Realm with TLS in Tomcat 6/7?
> 
> Jens,
> 
> On 6.8.2013 12:44, Jens Neu wrote:
> > is there a lib/method/whatever to achieve Realm Auth in Tomcat > 5.x where
> > username/password are protected by TLS?
> 
> I never tried it myself, but you might find these links useful:
> 
>    https://wiki.apache.org/tomcat/JNDI_startTLs_HowTo
>    https://issues.apache.org/bugzilla/show_bug.cgi?id=49785
>    https://www.mail-archive.com/users@tomcat.apache.org/msg80660.html
> 
> 
> > org.apache.catalina.realm.JNDIRealm works with Tomcat 5, but not in 6 :-(
> 
> JNDIRealm should work just fine in any supported Tomcat version. If you 
> have any problems with it, please report it here.
> 
> BTW, if you are already upgrading, you may consider to upgrade directly 
> to latest Tomcat 7, to save yourself from doing two upgrades.
> 
> -Ognjen
> 

Re: LDAP/Realm with TLS in Tomcat 6/7?

Posted by Ognjen Blagojevic <og...@gmail.com>.
Jens,

On 6.8.2013 12:44, Jens Neu wrote:
> is there a lib/method/whatever to achieve Realm Auth in Tomcat > 5.x where
> username/password are protected by TLS?

I never tried it myself, but you might find these links useful:

   https://wiki.apache.org/tomcat/JNDI_startTLs_HowTo
   https://issues.apache.org/bugzilla/show_bug.cgi?id=49785
   https://www.mail-archive.com/users@tomcat.apache.org/msg80660.html


> org.apache.catalina.realm.JNDIRealm works with Tomcat 5, but not in 6 :-(

JNDIRealm should work just fine in any supported Tomcat version. If you 
have any problems with it, please report it here.

BTW, if you are already upgrading, you may consider to upgrade directly 
to latest Tomcat 7, to save yourself from doing two upgrades.

-Ognjen
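
An added example, not part of the thread and not taken from the Tomcat documentation: a JNDIRealm definition for server.xml that talks to the directory over LDAPS, so the bind carrying the user's password is encrypted, shown beside the plaintext form. Host names, DNs and the trust store path are placeholder assumptions.

```xml
<!-- Added example; host names, DNs and paths are placeholders. -->

<!-- Plaintext form (commented out): with ldap:// the bind request that
     carries the user's DN and password crosses the network unencrypted. -->
<!--
<Realm className="org.apache.catalina.realm.JNDIRealm"
       connectionURL="ldap://ldap.example.org:389"
       userPattern="uid={0},ou=people,dc=example,dc=org"
       roleBase="ou=groups,dc=example,dc=org"
       roleName="cn"
       roleSearch="(uniqueMember={0})" />
-->

<!-- TLS form: the ldaps:// scheme makes the JNDI LDAP provider open a TLS
     connection before any bind is sent. With userPattern set, JNDIRealm
     authenticates by binding as the user, so that bind is what TLS protects. -->
<Realm className="org.apache.catalina.realm.JNDIRealm"
       connectionURL="ldaps://ldap.example.org:636"
       userPattern="uid={0},ou=people,dc=example,dc=org"
       roleBase="ou=groups,dc=example,dc=org"
       roleName="cn"
       roleSearch="(uniqueMember={0})" />

<!-- The JVM running Tomcat must trust the directory server's certificate,
     otherwise the TLS handshake fails and no login succeeds. One way is to
     point the JVM at a trust store holding the issuing CA, for example in
     bin/setenv.sh:

       CATALINA_OPTS="$CATALINA_OPTS
         -Djavax.net.ssl.trustStore=/path/to/ldap-truststore.jks
         -Djavax.net.ssl.trustStorePassword=PLACEHOLDER"

     The host name in connectionURL should match a name in the server
     certificate. -->
```

This covers LDAPS on its own port; StartTLS on the plain LDAP port is the subject of the JNDI_startTLs_HowTo wiki page linked above.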
