Hi,
I'm using Tomcat 5.5 (with Apache web server) and need to provide Windows Integrated Authentication against AD (win2k domain).
My question is: What's the best (easiest) way to do so ?
1. Trying to configure SNEGO for apache web server. What's the best SNEGO implementation/module?
2. Using IIS as web server. In this case, how is the user information passed from IIS to Tomcat?
Thanks in advance.
Greetz,
TGV
-
Windows Integrated Authentication and Tomcat (5 messages)
- Posted by: Tiago G
- Posted on: July 21 2005 06:59 EDT
Threaded Messages (5)
- Windows Integrated Authentication and Tomcat by Pine Tree on July 21 2005 07:14 EDT
- Windows Integrated Authentication and Tomcat by Tiago G on July 21 2005 09:45 EDT
- Windows Integrated Authentication and Tomcat by Biswa Das on July 21 2005 14:31 EDT
- Re: Windows Integrated Authentication and Tomcat by Venkat Sadasivam on September 09 2009 00:21 EDT
- Re: Windows Integrated Authentication and Tomcat by Pat Gonzalez on November 16 2009 02:23 EST
- Re: Windows Integrated Authentication and Tomcat by Venkat Sadasivam on September 09 2009 00:21 EDT
-
Windows Integrated Authentication and Tomcat[ Go to top ]
- Posted by: Pine Tree
- Posted on: July 21 2005 07:14 EDT
- in response to Tiago G
Hi,
How about authenticate using LDAP?
http://java.sun.com/products/jndi/tutorial/ldap/security/gssapi.html
http://today.java.net/pub/a/today/2005/05/31/tomcatldap.html
HTH -
Windows Integrated Authentication and Tomcat[ Go to top ]
- Posted by: Tiago G
- Posted on: July 21 2005 09:45 EDT
- in response to Pine Tree
Hi,
GSS-API provides a way to connect to AD but doesn't solve the problem of Integrated Windows Authentication. The client browser has to send the user information to the web server in a secure way.
Cheers,
TGV -
Windows Integrated Authentication and Tomcat[ Go to top ]
- Posted by: Biswa Das
- Posted on: July 21 2005 14:31 EDT
- in response to Tiago G
The bottom line is request.getRemoteUser will return null if the tomcat has not authenticated. You may have to rebuild tomcat server for your custom authentication or use a request wrapper but in request wrapping you have to use some cookie to find out who was the user authenticated in windows or apache. -
Re: Windows Integrated Authentication and Tomcat[ Go to top ]
- Posted by: Venkat Sadasivam
- Posted on: September 09 2009 00:21 EDT
- in response to Biswa Das
The below link explains the required configuration to make Tomcat work for Windows Integrated Authentication. http://webmoli.com/2009/08/29/single-sign-on-in-java-platform/ -
Re: Windows Integrated Authentication and Tomcat[ Go to top ]
- Posted by: Pat Gonzalez
- Posted on: November 16 2009 02:23 EST
- in response to Venkat Sadasivam
Here's an open source library, http://spnego.sourceforge.net, that does exactly what you want. Take a look at the installation instructions for Tomcat.