You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Joseph D Toussaint <jd...@cariboulake.com> on 2001/07/25 21:56:28 UTC

question about apache and ldap

Ok here is what I'd like to do and what I have done and I'm wondering if
it's possible.

I want tomcat to use apache for all the static content, and I want
apache to authenticate via a ldap server.  I also want the username and
groups (roles) from ldap to be avaliable on the request object so I can
use isUserInRole, etc.

I currently have Apache with mod_auth_ldap and it authenicates via a
ldap server.  I have tomcat hooked up to apache using mod_jk, and I have
a security constraint in my web.xml - where the auth-type is BASIC.

When I go to one of my servlets It pulls up the apache login window -
but if the user is not in the tomcat-users.xml it also pulls up the
tomcat login window. 

In a moment of despiration I commented out the
org.apache.tomcat.request.SimpleRealm RequestInterceptor, hoping this
would force tomcat to authenticate with apache.  After doing this I no
longer get the tomcat login window - but I get a 500 error from apache
(no stacktrace, just the vanilla server error page).

At this point I'm stuck.  My backup plan is to use FORM authentication
and write a servlet to talk to ldap.  However I'd prefer to get it to
work as mentioned above.


thanks!

joe


-- 
##############################
# Joseph Toussaint           #
# Caribou Lake Software      #
# http://www.cariboulake.com #
# jdtoussa@cariboulake.com   #
# 952-837-98029              #
##############################