Tomcat7 使用LDAP的Tomcat配置_Tomcat7_Gis_Apacheds_Arcgis Server

Tomcat7 使用LDAP的Tomcat配置

gis

Tomcat7 使用LDAP的Tomcat配置,tomcat7,gis,apacheds,arcgis-server,Tomcat7,Gis,Apacheds,Arcgis Server,用户和角色在ApacheDS中创建，并在ArcGIS Manager上可见。将服务安全性更改为私有QGIS后，链接到免费wms服务工作，抛出错误-禁止 Windows server 2012 R2 ArcGIS Server 10.5 ApacheDS 2.0.0-M23 Apache-tomcat 7.0.65 Web Adaptor Java Windows 105_154008 Windows firewall - off 如何正确配置Tomcat以允许安全访问服务？ ApacheDS

用户和角色在

ApacheDS

中创建，并在

ArcGIS Manager

上可见。将服务安全性更改为私有

QGIS

后，链接到免费

wms

服务工作，抛出错误-禁止

Windows server 2012 R2
ArcGIS Server 10.5
ApacheDS 2.0.0-M23
Apache-tomcat 7.0.65
Web Adaptor Java Windows 105_154008
Windows firewall - off

如何正确配置Tomcat以允许安全访问服务？

ApacheDS配置：

cn: Administrators
objectClass: groupOfUniqueNames
objectClass: top
uniqueMember: cn=username1,ou=users,ou=system

Host name: vms12
Port: 10389
Base DN: ou=system
URL: ldap://vms12:10389/ou=system
RDN attribute: uid
Administrator's DN: uid=admin,ou=system

用户：

cn: username1
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
sn: username1
uid: username1
userPassword: userpassword

组：

cn: Administrators
objectClass: groupOfUniqueNames
objectClass: top
uniqueMember: cn=username1,ou=users,ou=system

Host name: vms12
Port: 10389
Base DN: ou=system
URL: ldap://vms12:10389/ou=system
RDN attribute: uid
Administrator's DN: uid=admin,ou=system

ArcGIS服务器安全-配置设置
1.用户和角色管理-来自现有企业系统（LDAP或Windows域）的用户和来自ArcGIS服务器内置存储的角色
2.企业存储类型-LDAP
3.LDAP用户存储：

cn: Administrators objectClass: groupOfUniqueNames objectClass: top uniqueMember: cn=username1,ou=users,ou=system

Host name: vms12 Port: 10389 Base DN: ou=system URL: ldap://vms12:10389/ou=system RDN attribute: uid Administrator's DN: uid=admin,ou=system
4.身份验证层-Web层
Tomcat配置：
C:\Program Files\Apache软件基金会\Tomcat 7.0\conf\server.xml

<Realm className="org.apache.catalina.realm.LockOutRealm"> <Realm className="org.apache.catalina.realm.JNDIRealm" connectionURL="ldap://localhost:10389" connectionName="uid=admin,ou=system" connectionPassword="password" userBase="ou=system" userSubtree="true" userSearch="(uid={0})" roleBase="ou=system" roleName="cn" roleSearch="(uniquemember={0})" roleSubtree="true" /> </Realm> <Host name="localhost" appBase="webapps"

<security-constraint> <web-resource-collection> <web-resource-name>WMS Services</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>Administrators</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>WMS services</realm-name> </login-config> <security-role> <description> The role that is required to access the HTML Manager pages </description> <role-name>Administrators</role-name> </security-role>