Solved

tomcat authentication configuration

Posted on 2013-01-22
8
225 Views
Last Modified: 2013-02-06
Hi:

I am testing an application on my own pc and find that there are a few links from the soruce code are not displayed for me. I don't have the same problem when I run the application on the production server.

It seems to me the production server uses my windows login for authentication and grant me permission to these a few links on the web page, because when I try to open the web page, I am asked for userid and password. My login id is shown on the web page as well.

When I import the application under local tomcat and try to view the web page, I am not asked for my login. I find the login shown as "null" and these a few links are not displayed on the web page.

What is the easiest way to fix this issue? Thanks.
0
Comment
Question by:sdc248
  • 4
  • 4
8 Comments
 
LVL 37

Expert Comment

by:ArneLovius
ID: 38810059
I would suggest going through the tomcat configuration on the production server and seing where your configuration differs, if both configurations are the same, it could be that there is configuration stored within the application that is specific to the production server, this could a connection to an AD server over LDAPS that you are blocked from accessing...
0
 

Author Comment

by:sdc248
ID: 38812416
I have found a web.xml and a dwr.xml file under WEB-INF folder. The web.xml file defines some <security-constraint> items that allow certain user groups in the company to access certain web pages.  After copy it under Root\WEB-INF folder of tomcat, I am now getting prompted for login information, but my totally legitimate login fails to pass.

So looks like my login will be authenticated by production server by looking up some personnel database?  Anyway I can change this configuration so I can test my project locally?

Thanks.
0
 
LVL 37

Expert Comment

by:ArneLovius
ID: 38812585
quite possibly, but the authentication method could be stored in a file or in a database.

if you are testing this application, are you not able to ask the developers ?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:sdc248
ID: 38815152
The logins are verified using Active Directory.
0
 
LVL 37

Expert Comment

by:ArneLovius
ID: 38815358
Authenticating against AD doesn't tell you how it authenticates against AD

Most authentication using AD as a backend is done with LDAP or LDAPS

Are you able to bind to AD LDAP from your computer, to test I would suggest the Apache Directory Studio.

It could however be using RADIUS, RADIUS requires that RADIUS client (in this case the server running tomcat) to be configured on the RADIUS server with a shared secret.
0
 

Author Comment

by:sdc248
ID: 38831930
I'd like to test to see if I could bind to AD LDAP from my local pc. Could you please elaborate more about how to do that, or provide a link to somewhere onlin perhaps? I have downloaded the Apache Directory Studio.

Thanks.
0
 
LVL 37

Accepted Solution

by:
ArneLovius earned 250 total points
ID: 38832449
Configure the DC name and the credentials to use...

Softerra LDAP browser is an alternative
0
 

Author Closing Comment

by:sdc248
ID: 38860274
I solved the problem by moving the project to another server, which for some reason authenciate correctly. Thank you for your help though I didn't have a chance to work it out.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Go is an acronym of golang, is a programming language developed Google in 2007. Go is a new language that is mostly in the C family, with significant input from Pascal/Modula/Oberon family. Hence Go arisen as low-level language with fast compilation…
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
Viewers will learn about arithmetic and Boolean expressions in Java and the logical operators used to create Boolean expressions. We will cover the symbols used for arithmetic expressions and define each logical operator and how to use them in Boole…
Viewers will learn one way to get user input in Java. Introduce the Scanner object: Declare the variable that stores the user input: An example prompting the user for input: Methods you need to invoke in order to properly get  user input:

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question