clientAuth="true": How can we set up JTS to accept client certificate login - Active Directory Integrated


Erik Brown (1324) | asked Sep 01 '15, 10:01 a.m.
We have DOORS NG 6.0 installed on Windows 2008 R2 running Apache Tomcat, authentication is integrated into Active Directory, and databases on SQL Server.

The question now is the clientAuth="true" setting in the Tomcat server.xml file to enable client certificate authentication, but how does Apache actually map the certificate back to an Active Directory account?

I know how to do this using IIS 7 Active Directory Client Certificate Mapping - does Apache have a similar service and how do you set this up?

Erik

2 answers



Donald Nong (14.5k414) | answered Sep 02 '15, 12:53 a.m.
What you did with IIS7 in the past is exclusively Microsoft. When you put Tomcat into the picture, AD is treated as a standard LDAP server, hence loses all its "magical" features. When you set "clientAuth=true" for Tomcat, you effectively configure the mutual authentication - the client (browser) requests a certificate from the server (Tomcat), and the server requests a certificate from the client as well. Note that in this case, the client certificate identifies the browser/machine, and has no relationship to the LDAP user.

If you want detailed steps on the configuration, check out the below links.
http://stackoverflow.com/questions/27362588/mutual-authentication-with-tomcat-7
http://www.java-notes.com/index.php/two-way-ssl-on-tomcat
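
As an added illustration that is not part of the original answers: a Tomcat 7 server.xml HTTPS connector using the clientAuth="true" setting discussed above. The port, the keystore and truststore paths and the passwords are placeholders, not values from this installation.

```xml
<!-- Added example: HTTPS connector in Tomcat's conf/server.xml that requires
     a client certificate. Port, file paths and passwords are placeholders.

     keystoreFile / keystorePass:
       the server's own certificate and private key, presented to the browser.
     truststoreFile / truststorePass:
       the CA certificates Tomcat accepts as issuers of client certificates.
       Keep this store limited to the CA(s) that issue your client certs.
     clientAuth="true":
       the TLS handshake fails unless the client presents a certificate that
       chains to a CA in the truststore.
     clientAuth="want":
       a certificate is requested, but the connection is still allowed
       without one. -->
<Connector port="8443"
           protocol="org.apache.coyote.http11.Http11NioProtocol"
           SSLEnabled="true" scheme="https" secure="true"
           sslProtocol="TLS"
           keystoreFile="conf/server-keystore.jks"
           keystorePass="CHANGE_ME"
           truststoreFile="conf/client-ca-truststore.jks"
           truststorePass="CHANGE_ME"
           clientAuth="true" />
```

With this connector alone, Tomcat checks during the TLS handshake that the client certificate chains to a CA in the truststore; the connector itself performs no directory lookup.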

Bas Bekker (1.4k4) | answered Sep 01 '15, 1:23 p.m.
JAZZ DEVELOPER
DOORS NG, or actually the Jazz Team Server & Tomcat, need to be configured to use the LDAP functionality from the Active Directory server. Here in the Knowledge Center you can find details on how to configure this: Managing users by using LDAP on Tomcat

Personally I like to use the interactive installation guide where you can pick your setup to get detailed instructions.



Comments
Erik Brown commented Sep 01 '15, 3:05 p.m.

We have the Jazz Team Server Active Directory Integrated already.

The question is how do we configure the Apache Web Server for client certificate login?  How does Apache map the certificate back to an Active Directory account?

Thanks 
