Allow only one group of Active directory to access resources using Waffle

Asked Sep 28 '17 at 17:56

Active Sep 29 '17 at 16:17

Viewed 355 times

I'm using Waffle to authenticate users on my Web App like in this tutorial: https://github.com/Waffle/waffle/blob/master/Docs/tomcat/TomcatSingleSignOnValve.md

But I only want that users on the group ProdGroup be able to access the pages. How can I achieve that?

Thanks.

EDIT: First I put this on my tomcat context

    <Context>
      <Valve className="waffle.apache.NegotiateAuthenticator" />
      <Realm className="waffle.apache.WindowsRealm" />
    </Context>

And in my web.xml:

    <security-constraint>
      <web-resource-collection>
        <web-resource-name>
          Demo Application
        </web-resource-name>
        <url-pattern>/*</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
      </web-resource-collection>
      <auth-constraint>
        <role-name>BUILTIN\Users</role-name>
      </auth-constraint>
    </security-constraint>
    <security-role>
        <role-name>BUILTIN\Users</role-name>
    </security-role>

This way, every user authenticated via AD con use the app, but i want to that only users belonging to a certain group could access. Group ProdGroup for example.

edited Sep 29 '17 at 16:17

asked Sep 28 '17 at 17:56

Guilherme Galdino

Please post the code for your problem directly in StackOverflow, as external links can break. And a minimal example of what exactly you did can also help. – Randrian Sep 28 '17 at 19:51
I edited my question. Thank you for the help. – Guilherme Galdino Sep 29 '17 at 16:19

Allow only one group of Active directory to access resources using Waffle

0 Answers0