I am trying to integrate Tomcat 7 (installed on a Linux server) with Active Directory, following this documentation:
http://tomcat.apache.org/tomcat-7.0-doc/windows-auth-howto.html
I modified server.xml:

    <Realm className="org.apache.catalina.realm.JNDIRealm"
           connectionURL="ldap://dc.domain.local:389"
           connectionName="tc01@domain.local"
           connectionPassword="password"
           userBase="CN=Users,DC=domain,DC=Local"
           userSearch="(&amp;(samAccountName={0})(objectCategory=person)(objectClass=user))"
           userSubtree="false"
           roleBase="CN=Users,DC=domain,DC=Local"
           roleName="cn"
           roleNested="true"
           roleSearch="(member={0})"
           roleSubtree="false" />

I also modified my web application's web.xml:

    <security-constraint>
      <web-resource-collection>
        <web-resource-name>Protected Area</web-resource-name>
        <url-pattern>/*</url-pattern>
        <http-method>DELETE</http-method>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
        <http-method>PUT</http-method>
      </web-resource-collection>
      <auth-constraint>
        <role-name>group</role-name>
      </auth-constraint>
    </security-constraint>
    <login-config>
      <auth-method>BASIC</auth-method>
      <realm-name>Tomcat Manager Application</realm-name>
    </login-config>
    <security-role>
      <role-name>Everyone</role-name>
    </security-role>

When I try to use getRemoteUser(), I get the username, but not the domain name.

    <%
      response.setHeader("Cache-Control", "no-cache");
      response.setHeader("Pragma", "no-cache");
      response.setDateHeader("Expires", 0);
    %>
    <!doctype html>
    <html>
      <head>
        <meta http-equiv="content-type" content="text/html; charset=UTF-8">
        <title>TEST AD!</title>
      </head>
      <body>
        <noscript>
          <div>Your web browser must have JavaScript enabled in order for this application to display correctly.</div>
        </noscript>
        <div id="wa_details">
          <div id="wa_user"><%= ((request.getRemoteUser()!=null)?request.getRemoteUser():"") %></div>
        </div>
        <div id="loader"></div>
      </body>
    </html>

I don't understand where the problem is.
Regards,
奥罗
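
An added example, not part of the original post: a Python check that reads constructed copies of the server.xml Realm and web.xml fragments above and reports the settings a reviewer would flag (cleartext LDAP bind, bind password stored in the file, HTTP methods left outside the constraint, BASIC authentication without a CONFIDENTIAL transport guarantee, and a role used but not declared). The function names and finding labels are assumptions made for this example, and web.xml is parsed without an XML namespace, as in the post's fragment.

```python
import xml.etree.ElementTree as ET

# Constructed samples modelled on the post's server.xml and web.xml fragments.
REALM_XML = '''<Realm className="org.apache.catalina.realm.JNDIRealm"
  connectionURL="ldap://dc.domain.local:389"
  connectionName="tc01@domain.local" connectionPassword="password"/>'''
WEB_XML = '''<web-app>
  <security-constraint>
    <web-resource-collection>
      <url-pattern>/*</url-pattern>
      <http-method>DELETE</http-method><http-method>GET</http-method>
      <http-method>POST</http-method><http-method>PUT</http-method>
    </web-resource-collection>
    <auth-constraint><role-name>group</role-name></auth-constraint>
  </security-constraint>
  <login-config><auth-method>BASIC</auth-method></login-config>
  <security-role><role-name>Everyone</role-name></security-role>
</web-app>'''

def audit_realm(xml_text):
    """Return findings for a single JNDIRealm element."""
    realm = ET.fromstring(xml_text)
    findings = []
    # ldap:// means the simple bind (service account and user passwords) is unencrypted.
    if realm.get("connectionURL", "").lower().startswith("ldap://"):
        findings.append("cleartext-ldap-bind")
    if realm.get("connectionPassword"):
        findings.append("plaintext-bind-password")
    return findings

def audit_web_xml(xml_text):
    """Return findings for the security constraints (assumes no XML namespace)."""
    root = ET.fromstring(xml_text)
    findings = []
    declared = {r.text for r in root.findall("security-role/role-name")}
    basic = root.findtext("login-config/auth-method") == "BASIC"
    for sc in root.findall("security-constraint"):
        # Listing <http-method> limits the constraint to those methods only.
        if sc.findall("web-resource-collection/http-method"):
            findings.append("unlisted-http-methods-unprotected")
        guarantee = sc.findtext("user-data-constraint/transport-guarantee")
        if basic and guarantee != "CONFIDENTIAL":
            findings.append("basic-auth-without-confidential-transport")
        for role in sc.findall("auth-constraint/role-name"):
            if role.text != "*" and role.text not in declared:
                findings.append("undeclared-role:" + role.text)
    return findings

if __name__ == "__main__":
    print(audit_realm(REALM_XML), audit_web_xml(WEB_XML))
```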