• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

NT Authentication with Tomcat

 
Ranch Hand
Posts: 95
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'm running my Servlet/JSP application in Tomcat 3.2.3 on NT. (Thinking about moving to Tomcat 4.0)
I searched for information regarding setting up Tomcat with NT authentication and am really confused. There's no decent documentation.
Can somebody please provide clear information?
I want to know how Tomcat's authentication methods (the J2EE web application authentication methods - BASIC, Form based etc) can be mapped to NT authentication. Basically I want the users to login to the web application using their NT domain accounts and passwords.
Tomcat 4.0 talks about Realms, is it something to do with this?
Where does JAAS come into this picture? I read about JAAS but couldn't really find decent information on integrating it with Tomcat.
I'd appreciate your help.
Thank you very much.

------------------
Velmurugan Periasamy
Sun Certified Java Programmer
Sybase Certified EAServer Developer
----------------------
Study notes for Sun Java Certification
http://www.geocities.com/velmurugan_p/
 
Ranch Hand
Posts: 93
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I know someone had similar issue just few weeks back. If you search the post I'm sure you'll find it here...
 
Ranch Hand
Posts: 3695
IntelliJ IDE Java Ubuntu
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I've never used (or until now, heard of JAAS).

However, I've done a bit of noodling with J2EE, and this is a snip from their Devleoper's Guide for version 1.2.1
It goes on to describe the two (internal to J2EE service) realms.

So what you'd need to figure out is 'cross-realm' authentication, which seems like a buzzword I've heard before.
[This message has been edited by Mike Curwen (edited September 21, 2001).] IN a fruitless attempt to figure out how to make the text bigger.
[This message has been edited by Mike Curwen (edited September 21, 2001).]
 
Velmurugan Periasamy
Ranch Hand
Posts: 95
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks for the responses.
Still struggling to get a clear picture and the relationship between these technlogies (JAAS, Web app security).
Interestingly, the J2EE specification says


All EJB containers and all web containers must support the use of the JAAS APIs..


But there is nothing mentioned about JAAS in the security chapter(chapter 3) of the specification. In the servlet 2.3 specifications JAAS is never mentioned.
The following links might be useful. I tried to get these things to work, yet no success.
http://sfg.sourceforge.net
http://free.tagish.net/jaas/index.jsp
In one of the Sun's forums I've read somebody has suggested to use LDAP/Kerberose/JNDI instead of messing with NT. I don't know exactly what he meant. Let me know if you find out anything.
Thanks.
------------------
Velmurugan Periasamy
Sun Certified Java Programmer
Sybase Certified EAServer Developer
----------------------
Study notes for Sun Java Certification
http://www.geocities.com/velmurugan_p/
[This message has been edited by Velmurugan Periasamy (edited September 25, 2001).]
[This message has been edited by Velmurugan Periasamy (edited September 25, 2001).]
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
reply
    Bookmark Topic Watch Topic
  • New Topic