Tomcat 7 (Linux) Active Directory JNDIRealm inte

Posted 2019-08-04 10:12

Question:

I'm trying to integrate Tomcat 7 (installed on a Linux server) with Active Directory, following the documentation

http://tomcat.apache.org/tomcat-7.0-doc/windows-auth-howto.html

I have modified server.xml

    <Realm className="org.apache.catalina.realm.JNDIRealm"
           connectionURL="ldap://dc.domain.local:389"
           connectionName="tc01@domain.local"
           connectionPassword="password"
           userBase="CN=Users,DC=domain,DC=Local"
           userSearch="(&amp;(samAccountName={0})(objectCategory=person)(objectClass=user))"
           userSubtree="false"
           roleBase="CN=Users,DC=domain,DC=Local"
           roleName="cn"
           roleNested="true"
           roleSearch="(member={0})"
           roleSubtree="false" />

I have also modified the web.xml of my web application

    <security-constraint>
        <web-resource-collection>
            <web-resource-name>Protected Area</web-resource-name>
            <url-pattern>/*</url-pattern>
            <http-method>DELETE</http-method>
            <http-method>GET</http-method>
            <http-method>POST</http-method>
            <http-method>PUT</http-method>
        </web-resource-collection>
        <auth-constraint>
            <role-name>group</role-name>
        </auth-constraint>
    </security-constraint>
    <login-config>
        <auth-method>BASIC</auth-method>
        <realm-name>Tomcat Manager Application</realm-name>
    </login-config>
    <security-role>
        <role-name>Everyone</role-name>
    </security-role>

When I try to use getRemoteUser(), I get the user name but not the domain name.

    <%
        response.setHeader("Cache-Control", "no-cache");
        response.setHeader("Pragma", "no-cache");
        response.setDateHeader("Expires", 0);
    %>
    <!doctype html>
    <html>
    <head>
        <meta http-equiv="content-type" content="text/html; charset=UTF-8">
        <title>TEST AD!</title>
    </head>
    <body>
        <noscript>
            Your web browser must have JavaScript enabled in order for this
            application to display correctly.
        </noscript>
        <div id="wa_details">
            <div id="wa_user"><%= ((request.getRemoteUser()!=null)?request.getRemoteUser():"") %></div>
        </div>
        <div id="loader"></div>
    </body>
    </html>

I cannot understand where the problem is.

Regards

Oro