Lance
Apache/Tomcat - LDAP Authentication based on AD Group Membership

We currently have an Apache/Tomcat (5.5) application running and we're using the LDAP authentication feature (by configuring the realm) against a multi-domain structure, and it's working great. One thing we would like to do is limit access to users based on their membership in a specific group in AD. Basically, only users of GroupA will be allowed to access the app. I'm wondering if this type of configuration is possible. If so, can you point me in the right direction? Thanks in advance.

Upvotes: 2

Views: 6359

Answers (2)

l_39217_l

Reputation: 2110

Implement your own realm:

http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html

Upvotes: 2

vinny

Reputation: 1810

I believe you can accomplish this with the mod_authnz_ldap module in Apache:

http://httpd.apache.org/docs/2.2/mod/mod_authnz_ldap.html#reqgroup

Upvotes: 1
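
A sketch of the `Require ldap-group` approach from the mod_authnz_ldap answer above, for httpd 2.2 in front of Tomcat. This is an added example, not configuration from the original posts; the host name, DNs, certificate path, service account and the `/app` location are all constructed placeholders, and it assumes mod_ldap, mod_authnz_ldap and mod_ssl are loaded.

```apache
# Added example: every host name, DN and path below is a placeholder.

# Server-level (outside <Location>): CA that signed the domain controller's
# LDAPS certificate, so the directory connection is verified.
LDAPTrustedGlobalCert CA_BASE64 /etc/httpd/conf/ad-ca.pem

<Location /app>
    # Basic auth sends the password on every request: HTTPS only.
    SSLRequireSSL

    AuthType Basic
    AuthName "GroupA members only"
    AuthBasicProvider ldap

    # Locate the user by sAMAccountName anywhere under the base DN.
    AuthLDAPURL "ldaps://dc1.example.com:636/DC=example,DC=com?sAMAccountName?sub?(objectClass=user)"

    # AD normally refuses anonymous searches, so bind with a low-privilege
    # service account and keep this file readable by root only.
    AuthLDAPBindDN "CN=svc-httpd,OU=Service Accounts,DC=example,DC=com"
    AuthLDAPBindPassword "CHANGE_ME"

    # AD groups store members as full DNs in the "member" attribute.
    AuthLDAPGroupAttribute member
    AuthLDAPGroupAttributeIsDN on

    # Authorize direct members of GroupA only; everyone else gets 401.
    # The group DN is written without surrounding quotes.
    Require ldap-group CN=GroupA,OU=Groups,DC=example,DC=com
</Location>
```

The group check only protects requests that pass through httpd, so Tomcat's own connectors should be reachable only from the httpd host.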
