Apache Tomcat is an open source software implementation of the Java Servlet and JavaServer Pages technologies.
As J2EE servlet container, Tomcat provides standard security feature, like authentication: the application deployed in Tomcat can delegate its authentication to Tomcat.
By default, Tomcat provides a file called users.xml
to manage authentication:
<?xml version='1.0' encoding='utf-8'?> <tomcat-users> <role rolename="tomcat"/> <role rolename="role1"/> <user username="tomcat" password="tomcat" roles="tomcat"/> <user username="role1" password="tomcat" roles="role1"/> <user username="both" password="tomcat" roles="tomcat,role1"/> </tomcat-users>
LL::NG provides a valve, available on download page. This valve will check an HTTP header to set the authenticated user on the J2EE container.
Copy ValveLemonLDAPNG.jar
in <TOMCAT_HOME>/server/lib
:
cp ValveLemonLDAPNG.jar server/lib/
Add on your server.xml
file a new valve entry like this (in host section):
<Valve className="org.lemonLDAPNG.SSOValve" userKey="AUTH-USER" roleKey="AUTH-ROLE" roleSeparator="," allows="127.0.0.1"/>
Configure attributes:
The sources are available on download page.
Required :
Configure your tomcat home in build.properties
files.
c:/my hardisk/tomcat/
Next run ant command:
ant
ValveLemonLDAPNG.jar
is created under /dist
directory.