Win a copy of Functional Reactive Programming this week in the Other Languages forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Active Directory Authentication

 
Tom Keith
Greenhorn
Posts: 24
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
All,

I have a question regarding FORM Based Authentication. How is j_password protected from hacking meaning that if a Servlet Filter is written then the NT password can be read from the request which is not good for users as they do not want theit NT passwords to be seen. Is there any way to protect the password from being seen? Does App servers like WLS/WAS/JRun etc., do it? If so how?

Thanks,
Tom
 
dema rogatkin
Ranch Hand
Posts: 294
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
All filters must be disabled for authentication. Check with your servlet container.
 
Tom Keith
Greenhorn
Posts: 24
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
How do I disable Servlet Filters? Is there a config file?

Another question, Can I write my own AA (Authentication & Authoursation) module by overcoming the password display problem? If so how?

Thanks,
Tom
 
Tom Keith
Greenhorn
Posts: 24
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Can somebody help me out on this please?

Thanks,
Tom
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic