How to properly configure Tomcat to allow secure acces to services, did i miss something? Users and roles are created in ApacheDS and are visible on ArcGIS Manager. Link to free wms service works, after changing service security to private QGIS throws an error - forbidden. Windows server 2012 R2 ArcGIS Server 10.5 ApacheDS 2.0.0-M23 Apache-tomcat 7.0.65 Web Adaptor Java Windows 105_154008 Windows firewall - off ApacheDS configuration: users: cn: username1 objectClass: inetOrgPerson objectClass: organizationalPerson objectClass: person objectClass: top sn: username1 uid: username1 userPassword: userpassword groups: cn: Administrators objectClass: groupOfUniqueNames objectClass: top uniqueMember: cn=username1,ou=users,ou=system ArcGIS Server Security - Configuration Settings 1.User and Role Management - Users from an existing enterprise system (LDAP or Windows Domain) and roles from ArcGIS Server's built-in store 2.Enterprise Store Type - LDAP 3.LDAP User Store: Host name: vms12 Port: 10389 Base DN: ou=system URL: ldap://vms12:10389/ou=system RDN attribute: uid Administrator's DN: uid=admin,ou=system 4.Authentication Tier - Web Tier Tomcat configuration: C:\Program Files\Apache Software Foundation\Tomcat 7.0\conf\server.xml <Realm className="org.apache.catalina.realm.JNDIRealm" connectionURL="ldap://localhost:10389" connectionName="uid=admin,ou=system" connectionPassword="password" userBase="ou=system" userSubtree="true" userSearch="(uid={0})" roleBase="ou=system" roleName="cn" roleSearch="(uniquemember={0})" roleSubtree="true" /> </Realm> C:\Program Files\Apache Software Foundation\Tomcat 7.0\conf\web.xml <security-constraint> <web-resource-collection> <web-resource-name>WMS Services</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>Administrators</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>WMS services</realm-name> </login-config> <security-role> <description> The role that is required to access the HTML Manager pages </description> <role-name>Administrators</role-name> </security-role>
... View more