tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nacho <na...@siapi.es>
Subject Bypassing IIS security
Date Sun, 19 Nov 2000 21:17:48 GMT
Hola A todos:

Lately I'm trying to figure out a way to bypass the basic/digest
security handling done by ISS, and so let it be done by tomcat, as it's
a pain under IIS as it requires to have the users created at OS level, (
at least i unable to found a  way to do that  ), but apart from MS
blues.....

I did found that way only by changing a single line inside the ajp12
handling routine , and letting remoteuser be obtained by tomcat itself,
i think this works for all servers and for basic&digest authentication ,


Can be useful to know of to somebody, if anybody found it useful i can
add an option to server.xml to control that ( at contextmanager level
i.e) , and i'm thinking only of TC 3.3 and TC 4.0 at that time.

What do you think?

Saludos ,
Ignacio J. Ortega

Mime
View raw message