Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm
Precedence: bulk
Reply-To: tomcat-user@jakarta.apache.org
Message-ID: <087701c13cb2$ef848810$46008780@secns.uchicago.edu>
From: "Jonathan Eric Miller" <jemiller@uchicago.edu>
To: <tomcat-user@jakarta.apache.org>, <frank.lawlor@athensgroup.com>
References: <961C59AC8DAAD411809900105AE36098018563@zeus.athensgroup.com>
Subject: Re: Using Windows Native Security
Date: Thu, 13 Sep 2001 19:19:36 -0500
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit

In the future when "username login mode" authentication is supported in
JNDIRealm, you could probably get it to authenticate against ActiveDirectory
that way. It wouldn't actually be using NTLM though. Also, I was thinking
that it might be cool to have a KerberosRealm class that you could use to
authenticate using Kerberos. Kerberos on the backend anyway (not the way
you're supposed to use Kerberos, but, useful if what you want is single
sign-on). Kerberos authentication is supported natively in JDK 1.4. I did
some testing of it using it with JNDI and I was able to authenticate to
Active Directory using Kerberos.

Jon

----- Original Message -----
From: "Frank Lawlor" <frank.lawlor@athensgroup.com>
To: "Tomcat (E-mail)" <tomcat-user@jakarta.apache.org>
Sent: Wednesday, September 12, 2001 4:39 PM
Subject: Using Windows Native Security


> Does anyone have any references or information on using
> native windows security (NTLM?) for Tomcat security?
>
> Are there any Java JNI wrappers for the native system calls?
>
> Are there any higher-lever implementations to some other
> more usable interface (JAAS, LDAP, etc.)?
>
> Thanks,
>
> Frank Lawlor
> Athens Group, Inc.
> (512) 345-0600 x151
> Athens Group, an employee-owned consulting firm integrating technology
> strategy and software solutions.
>
>
>