Skip to Content.
Sympa Menu

grouper-users - Re: [grouper-users] web UI authentication

Subject: Grouper Users - Open Discussion List

List archive

Re: [grouper-users] web UI authentication

Chronological Thread 
  • From: Scott Koranda <>
  • To: Jared Hoffman <>
  • Cc:
  • Subject: Re: [grouper-users] web UI authentication
  • Date: Tue, 26 May 2015 22:19:25 -0500

> I'm setting up a grouper server for the first time. I've been able to
> configure grouper loader to pull in all of our active directory users
> as LDAP entries. I've been able to use that data to search & populate
> groups.
> What I'm struggling with is how to authenticate the web UI for group
> management. If I make manual accounts in Tomcat, I can log in, but
> obviously that's not the desired method. Can I point the UI to ldap/AD
> to authenticate through tomcat? I've been scouring the documentation
> but I keep finding instructions for the loader, not the web ui
> authentication.
> I'd appreciate any help pointing me in the right direction.

The Grouper UI is "just" a Java web application that leverages
"container managed security". So there is no direct Grouper UI
configuration to use LDAP per se, rather you configure Tomcat
for LDAP authentication and the Grouper UI relies on Tomcat
telling it the user details.

You probably want a JNDIRealm. This URL

and this URL

may be helpful.

The Grouper UI "interface" to Tomcat is the web.xml file. You
probably have in


something like

path="/grouper" reloadable="false"/>

So the important web.xml file is in


You can inspect that file to understand what the Grouper UI
expects from a Tomcat Realm configuration. If you need to
change the web.xml file read the default version for a hint
about how to set a value and merge in your
deployment specific needs in a way that will not be


Scott K

Archive powered by MHonArc 2.6.16.

Top of Page