Return-Path: Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm Delivered-To: mailing list tomcat-user@jakarta.apache.org Received: (qmail 78498 invoked from network); 8 Dec 2000 17:22:48 -0000 Received: from lukla.sun.com (192.18.98.31) by locus.apache.org with SMTP; 8 Dec 2000 17:22:48 -0000 Received: from centralmail1.Central.Sun.COM ([129.147.62.10]) by lukla.Sun.COM (8.9.3+Sun/8.9.3) with ESMTP id KAA06080 for ; Fri, 8 Dec 2000 10:22:45 -0700 (MST) Received: from esun1as-mm. (esun1as-mm.Central.Sun.COM [129.147.34.144]) by centralmail1.Central.Sun.COM (8.9.3+Sun/8.9.3/ENSMAIL,v1.7) with SMTP id KAA15462 for ; Fri, 8 Dec 2000 10:22:45 -0700 (MST) Received: from eng.sun.com by esun1as-mm. (SMI-8.6/SMI-SVR4) id KAA17610; Fri, 8 Dec 2000 10:36:17 -0700 Message-ID: <3A311940.DF321C6@eng.sun.com> Date: Fri, 08 Dec 2000 09:24:16 -0800 From: "Craig R. McClanahan" X-Mailer: Mozilla 4.76 [en]C-CCK-MCD {Sony} (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: tomcat-user@jakarta.apache.org Subject: Re: NT authentication References: <32A27D619DB0154C963D55F14552019D175C1F@windlord.worldwidepackets.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Spam-Rating: locus.apache.org 1.6.2 0/1000/N Josh Knowles wrote: > Is there any way that you can set up a page to tap into NT authentication? I > dont know if this would be something that gets set in tomcat or if it is > something that is non-tomcat related so I thought I would just try this > list.Thanks,JoshJosh Knowles > Web Developer > World Wide Packets > josh.knowles@worldwidepackets.com > 509.242.9247 It would be technically feasible to accomplish this, by creating a custom Realm implementation for Tomcat that interfaced to NT's authentication mechanisms via native code and JNI. However, unless you run across an SSL connection (or on an Intranet that is not exposed to the outside world), doing so would be a pretty incredible security risk, because the username and password are communicated across the network in an unencrypted form when you use BASIC or FORM-BASED authentication in your web application. Craig McClanahan