About this document
This is more specific to Tomcat than Hudson but as i did my specific configuration for Hudson i think it can help someone here
There are 5 existing realms for Tomcat 6:
- JDBCRealm - Accesses authentication information stored in a relational database, accessed via a JDBC driver.
- DataSourceRealm - Accesses authentication information stored in a relational database, accessed via a named JNDI JDBC DataSource.
- JNDIRealm - Accesses authentication information stored in an LDAP based directory server, accessed via a JNDI provider.
- MemoryRealm - Accesses authentication information stored in an in-memory object collection, which is initialized from an XML document (conf/tomcat-users.xml).
- JAASRealm - Accesses authentication information through the Java Authentication & Authorization Service (JAAS) framework.
See Tomcat documentation here for more information.
For my company i need to have an LDAP authentication and an hudson authorization management.
So i just had to mix JNDIRealm & JDBCRealm.
The result is LdapJDBCRealm (LdapJdbcRealm.java,LdapJdbcRealm.class). This is only a deal with overriding some methods.
Parameters are also mix of Realms, see server.xml template in installation steps.
Installation steps (Tomcat 6.x)
- Copy the Mysql JDBC driver to your %CATALINA_HOME%/lib (get it here)
- Copy this .class file to %CATALINA_HOME%/lib/org/apache/catalina/realm folder
- Update server.xml configuration file (%CATALINA_HOME%/conf).Look at the following template:
this is the template for LdapJDBCRealm configuration in server.xml file:
- Create your users database. See here for scripts to create it.
Once you do that, Hudson should authenticate users against LDAP server and get their authorization using your local database.