...
Step 3. Configure authentication
Note |
---|
You must configure the user to have the role ' |
Basic Auth
We are going to configure basic auth, with the username and password being stored in tomcat-users.xml.
Note |
---|
You must configure the user to have the role ' |
For basic configuration you will only need to configure password in the given tomcat-users.xml file. Here’s what that will look like:
Code Block | ||
---|---|---|
| ||
<role rolename="FlexDeployHTTPSAgent" />
<user
username="tomcat"
password="PASSWORD"
roles="FlexDeployHTTPSAgent" /> |
Active Directory/LDAP
For LDAP use we will need to change the server.xml file. By default it is configured to use a UserDatabase realm instead of the JNDI realm we are looking for.
Start by commenting out the existing UserDatbase realm. Then let’s uncomment the included JNDI realm, that should look like the following:
Code Block | ||
---|---|---|
| ||
<!-- Use the LockOutRealm to prevent attempts to guess user passwords via a brute-force attack --> <Realm className="org.apache.catalina.realm.LockOutRealm"> <!-- This Realm uses the UserDatabase configured in the global JNDI resources under the key "UserDatabase". Any edits that are performed against this UserDatabase are immediately available for use by the Realm. --> <!--<Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase" />--> <Realm className="org.apache.catalina.realm.JNDIRealm" connectionName="CN=administrator,CN=Users,DC=flexagondev,DC=local" connectionPassword="password" connectionURL="ldap://yourldapurl.example:389" userBase="CN=Users,DC=flexagondev,DC=local" userSearch="(&(objectClass=*)(sAMAccountName={0}))" userRoleName="member" roleBase="CN=Users,DC=flexagondev,DC=local" roleName="cn" roleSearch="(objectClass=group)" /> </Realm> |
Next you can add your specific LDAP/Azure Directory configuration.
Make sure the user you are trying to connect with has the FlexDeployHTTPSAgent
role or they will not be able to connect.
For more information about using LDAP/Active Directory see the tomcat documentation how to for realms, and also the configuration reference.
Step 4. Configure SSL
The use of SSL is required. These steps will be for generating and using a self signed certificate. You can of course use any other certificate compatible with Tomcat. See the Tomcat Documentation for more details.
...