• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 253
  • Last Modified:

tomcat authentication configuration

Hi:

I am testing an application on my own pc and find that there are a few links from the soruce code are not displayed for me. I don't have the same problem when I run the application on the production server.

It seems to me the production server uses my windows login for authentication and grant me permission to these a few links on the web page, because when I try to open the web page, I am asked for userid and password. My login id is shown on the web page as well.

When I import the application under local tomcat and try to view the web page, I am not asked for my login. I find the login shown as "null" and these a few links are not displayed on the web page.

What is the easiest way to fix this issue? Thanks.
0
sdc248
Asked:
sdc248
  • 4
  • 4
1 Solution
 
ArneLoviusCommented:
I would suggest going through the tomcat configuration on the production server and seing where your configuration differs, if both configurations are the same, it could be that there is configuration stored within the application that is specific to the production server, this could a connection to an AD server over LDAPS that you are blocked from accessing...
0
 
sdc248Author Commented:
I have found a web.xml and a dwr.xml file under WEB-INF folder. The web.xml file defines some <security-constraint> items that allow certain user groups in the company to access certain web pages.  After copy it under Root\WEB-INF folder of tomcat, I am now getting prompted for login information, but my totally legitimate login fails to pass.

So looks like my login will be authenticated by production server by looking up some personnel database?  Anyway I can change this configuration so I can test my project locally?

Thanks.
0
 
ArneLoviusCommented:
quite possibly, but the authentication method could be stored in a file or in a database.

if you are testing this application, are you not able to ask the developers ?
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
sdc248Author Commented:
The logins are verified using Active Directory.
0
 
ArneLoviusCommented:
Authenticating against AD doesn't tell you how it authenticates against AD

Most authentication using AD as a backend is done with LDAP or LDAPS

Are you able to bind to AD LDAP from your computer, to test I would suggest the Apache Directory Studio.

It could however be using RADIUS, RADIUS requires that RADIUS client (in this case the server running tomcat) to be configured on the RADIUS server with a shared secret.
0
 
sdc248Author Commented:
I'd like to test to see if I could bind to AD LDAP from my local pc. Could you please elaborate more about how to do that, or provide a link to somewhere onlin perhaps? I have downloaded the Apache Directory Studio.

Thanks.
0
 
ArneLoviusCommented:
Configure the DC name and the credentials to use...

Softerra LDAP browser is an alternative
0
 
sdc248Author Commented:
I solved the problem by moving the project to another server, which for some reason authenciate correctly. Thank you for your help though I didn't have a chance to work it out.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 4
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now