The Realm implementation has to be available before the webapp is loaded. So, it has to be in a JAR file in Tomcat's lib directory. Putting it into the webapp's own WEB-INF/lib can't work.
How to configure Custom JNDIRealm (added read timeout for LDAP) in Tomcat Server.xml
07-07-2023
Question
We use JNDIRealm (Tomcat 6) for LDAP authentication. Maybe due to LDAP flakiness, one thread gets a lock on the JNDIRealm.authenticate method, causing a thread dump. To solve this, I added a CustomJNDIRealm class that extends JNDIRealm, as shown below:
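package com.gop.it.msoft;

import java.util.Hashtable;
import org.apache.catalina.realm.JNDIRealm;

// JNDIRealm variant that passes an LDAP read timeout to the JNDI provider.
public class CustomJNDIRealm extends JNDIRealm {
    // Read timeout in milliseconds, taken from the readTimeout attribute in server.xml.
    protected String readTimeout;

    // Tomcat sets Realm attributes through bean setters, so one is needed here.
    public void setReadTimeout(String readTimeout) { this.readTimeout = readTimeout; }

    @Override
    protected Hashtable<String,String> getDirectoryContextEnvironment() {
        // Start from the parent's environment so the connection settings are kept.
        Hashtable<String,String> env = super.getDirectoryContextEnvironment();
        if (readTimeout != null) env.put("com.sun.jndi.ldap.read.timeout", readTimeout);
        return env;
    }
}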
Now, how do I configure it in Server.xml? Doing the below, I get a ClassNotFoundException. Please help.
<Realm allRolesMode="authOnly" className="com.gop.it.msoft.CustomJNDIRealm" connectionURL="ldaps://ldap.gop.com:636" referrals="follow" userPattern="uid={0},ou=People,o=gop.com" readTimeout="5000" userSubtree="false"/>
Thanks a bunch
Solution
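A quick way to check where Tomcat would find the realm class, as an added example that is not part of the original question or answer: it reads the Realm className values from conf/server.xml and reports whether each class sits in a JAR under Tomcat's lib directory or only in a webapp's WEB-INF/lib. The default directory layout, the JAR name custom-realm.jar and the sample tree are assumptions constructed for the demo.

```python
import tempfile
import zipfile
import xml.etree.ElementTree as ET
from pathlib import Path

REALM = "com.gop.it.msoft.CustomJNDIRealm"  # className from the question

def realm_classes(server_xml):
    """Every className set on a <Realm> element in server.xml."""
    root = ET.parse(server_xml).getroot()
    return [r.get("className") for r in root.iter("Realm") if r.get("className")]

def jars_with_class(jar_dir, class_name):
    """Names of the JARs in jar_dir that contain class_name."""
    entry = class_name.replace(".", "/") + ".class"
    hits = []
    for jar in sorted(Path(jar_dir).glob("*.jar")):
        with zipfile.ZipFile(jar) as zf:
            if entry in zf.namelist():
                hits.append(jar.name)
    return hits

def check_realms(home):
    """Map each Realm class to 'ok', 'webapp-only' or 'missing'."""
    result = {}
    for cls in realm_classes(home / "conf" / "server.xml"):
        if jars_with_class(home / "lib", cls):
            result[cls] = "ok"  # on the classpath Tomcat uses for server.xml
        elif any(jars_with_class(d, cls) for d in (home / "webapps").glob("*/WEB-INF/lib")):
            result[cls] = "webapp-only"  # the ClassNotFoundException case
        else:
            result[cls] = "missing"
    return result

def build_sample(home, jar_dir):
    """Constructed Tomcat layout with a stub JAR (hypothetical name) in jar_dir."""
    (home / "conf").mkdir(parents=True)
    (home / "conf" / "server.xml").write_text(
        f'<Server><Service><Engine><Realm className="{REALM}"/></Engine></Service></Server>')
    (home / "lib").mkdir()
    (home / jar_dir).mkdir(parents=True, exist_ok=True)
    with zipfile.ZipFile(home / jar_dir / "custom-realm.jar", "w") as zf:
        zf.writestr(REALM.replace(".", "/") + ".class", b"")
    return home

def demo():
    with tempfile.TemporaryDirectory() as tmp:
        wrong = check_realms(build_sample(Path(tmp) / "a", "webapps/app/WEB-INF/lib"))
        right = check_realms(build_sample(Path(tmp) / "b", "lib"))
    return wrong, right
```

Against a real installation, call check_realms(Path(...)) with the Tomcat home directory; only JAR files are inspected, not unpacked classes.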
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow