'adding AD group filter to tomcat Realm configuration

I have configured my tomcat application to authenticate against my company LDAP.

Here is the realm configuration looks from server.xml file:

    <!-- enable LDAP authentication -->
    <Realm className="org.apache.catalina.realm.JNDIRealm"
      connectionName="[email protected]"
      connectionPassword="some-secret"
      connectionURL="ldaps://example.com:636"
      alternateURL="ldaps://example.com:636"
      userBase="DC=company,DC=com"
      userSearch="(&amp; (objectcategory=person) (objectclass=user) (sAMAccountName={0}))"
      connectionTimeout="30000"
      userSubtree="true"
      adCompat="true"
    />

This works well.

Now I am trying to add AD group filter to restrict login to users who are part of AD group "g.sales_excecutive".

I am not sure where can I add that. I tried adding this with (sAMAccountName={0}) but that didn't work.

tomcatactive-directoryldap


Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source

Related Questions

How to SHUTDOWN Tomcat in Ubuntu?

log4j writing to console but not to file (Liferay + Tomcat)

Force log rollover in tomcat log4j2 even if no traffic

java.util.concurrent.ExecutionException: org.apache.catalina.LifecycleException: Failed to start

Tomcat doesn't start with YAWL engine

How do I map Spring MVC controller to a uri with and without trailing slash?

Tomcat Credentials

How to set custom environment variables in tomcat?

JSTL error javax/servlet/jsp/jstl/core/LoopTag error when using c:forEach tomcat ver7.0 [duplicate]

Tomcat does not start. Where was I wrong?

Unknown version of Tomcat was specified with tomcat -9.0.37

Customize keycloak error page with spring boot

Restart Tomcat Service on AWS EC2 instance, on a schedule

Spark saveAsTextFile() results in Mkdirs failed to create for half of the directory

Tomcat Manager - Active Directory Authentication