tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kenneth topp <cau...@prodigy.net>
Subject Re: Sharing sessions across contexts?
Date Sat, 07 Oct 2000 01:46:27 GMT
On Fri, 6 Oct 2000, Craig R. McClanahan wrote:

> What you are describing is somewhat similar to the "single sign on" support
> that was just added to Tomcat 4.0.  It relies on webapps that use the
> container-managed security features of the servlet 2.2/2.3 APIs, and works
> like this:  the first time the user tries to access a URI protected by a
> security constraint, the user must log in according to the login
> configuration of that webapp.  However, their user identity is propogated
> across all the webapps of this virtual host so the user won't be challenged
> to log in to each webapp individually.

this is just an implementation of http authentication of rfc2617, no?

Is the security constraint going to be customizable, like apache
(mod_auth_*)?

Kenneth Topp


Mime
View raw message