...

Step 3. Configure authentication

Note

You must configure the user to have the role 'FlexDeployHTTPSAgent'.

Basic Auth

We are going to configure basic auth, with the username and password being stored in tomcat-users.xml.

For a basic configuration, you only need to set the password in the provided tomcat-users.xml file. Here’s what that will look like:

<role rolename="FlexDeployHTTPSAgent" />
<user
  username="tomcat"
  password="PASSWORD"
  roles="FlexDeployHTTPSAgent" />

Active Directory/LDAP

To use LDAP, we need to change the server.xml file. By default it is configured to use a UserDatabase realm instead of the JNDI realm we are looking for.

Start by commenting out the existing UserDatabase realm. Then uncomment the included JNDI realm. The result should look like the following:

<!-- Use the LockOutRealm to prevent attempts to guess user passwords
via a brute-force attack -->
<Realm className="org.apache.catalina.realm.LockOutRealm">
  <!-- This Realm uses the UserDatabase configured in the global JNDI
  resources under the key "UserDatabase".  Any edits
  that are performed against this UserDatabase are immediately
  available for use by the Realm.  -->
  <!--<Realm
  className="org.apache.catalina.realm.UserDatabaseRealm"
        resourceName="UserDatabase" />-->
        
  <!-- roleSearch must reference the authenticated user: {0} is replaced
  with the user's DN. A filter without a placeholder returns every
  group under roleBase as a role for every user. -->
  <Realm className="org.apache.catalina.realm.JNDIRealm"
        connectionName="CN=administrator,CN=Users,DC=flexagondev,DC=local"
        connectionPassword="password"
        connectionURL="ldap://yourldapurl.example:389"
        userBase="CN=Users,DC=flexagondev,DC=local"
        userSearch="(&amp;(objectClass=*)(sAMAccountName={0}))"
        userRoleName="member"
        roleBase="CN=Users,DC=flexagondev,DC=local"
        roleName="cn"
        roleSearch="(&amp;(objectClass=group)(member={0}))"
  />
</Realm>

Next you can add your specific LDAP/Azure Directory configuration.

Make sure the user you are trying to connect with has the FlexDeployHTTPSAgent role or they will not be able to connect.

For more information about using LDAP/Active Directory, see the Tomcat documentation: the how-to for realms and the configuration reference.
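
A quick way to review a JNDI realm before deploying it is sketched below. This is an added example, not FlexDeploy's or Tomcat's own tooling: it parses a Realm fragment and reports a bind over plain ldap:// without StartTLS, a literal bind password, and a roleSearch filter that is not scoped to the authenticated user. The sample realm, host names and finding codes are constructed for illustration.

```python
import xml.etree.ElementTree as ET

JNDI = "org.apache.catalina.realm.JNDIRealm"

# Constructed sample for illustration, not a real deployment's server.xml.
SAMPLE = """
<Realm className="org.apache.catalina.realm.LockOutRealm">
  <Realm className="org.apache.catalina.realm.JNDIRealm"
         connectionName="CN=svc-tomcat,CN=Users,DC=example,DC=local"
         connectionPassword="changeit"
         connectionURL="ldap://ldap.example.local:389"
         userBase="CN=Users,DC=example,DC=local"
         userSearch="(&amp;(objectClass=user)(sAMAccountName={0}))"
         roleBase="CN=Users,DC=example,DC=local"
         roleName="cn"
         roleSearch="(objectClass=group)" />
</Realm>
"""


def audit_jndi_realms(xml_text):
    """Return a sorted list of finding codes (hypothetical names) for every
    JNDIRealm element found in the given server.xml fragment."""
    findings = set()
    root = ET.fromstring(xml_text)
    for realm in root.iter("Realm"):  # iter() includes nested realms
        if realm.get("className") != JNDI:
            continue

        # Bind credentials and user passwords cross the network in clear
        # text on ldap:// unless StartTLS is enabled on the realm.
        url = realm.get("connectionURL", "").lower()
        start_tls = realm.get("useStartTls", "false").lower() == "true"
        if url.startswith("ldap://") and not start_tls:
            findings.add("cleartext-ldap")

        # A password typed into server.xml is readable by anyone who can
        # read the file; ${...} defers it to a property set elsewhere.
        password = realm.get("connectionPassword")
        if password is not None and not password.startswith("${"):
            findings.add("literal-bind-password")

        # Tomcat substitutes {0} (user DN), {1} (username) or {2} into
        # roleSearch. With no placeholder the filter matches every group
        # under roleBase, so every user receives every role.
        role_search = realm.get("roleSearch")
        if role_search and not any(p in role_search for p in ("{0}", "{1}", "{2}")):
            findings.add("unscoped-role-search")
    return sorted(findings)


if __name__ == "__main__":
    for code in audit_jndi_realms(SAMPLE):
        print(code)
```
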

Step 4. Configure SSL

The use of SSL is required. The steps below generate and use a self-signed certificate. You can of course use any other certificate compatible with Tomcat. See the Tomcat documentation for more details.

...