tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Beat Friedli" <bfrie...@hotmail.com>
Subject Re: Authentication with tomcat
Date Thu, 18 Oct 2001 15:21:31 GMT
I'm trying to solve a similar problem. I found the following in the archive 
(if you find an answer please tell me):

***************************
This is a problem of the AJP12 connector, well really not a problem,
it's suppoused that when Tomcat is used behind any Web server ( IIS
in
your case ) the BASIC auth headers are honored by the HTTP Server
itself
not Tomcat, Tomcat ( in cooperation with ISAPI filter ) tries
retrieve
this info from HTTP Server and in the IIS case this is a big
problem, as
the BASIC config on IIS is connected to the NT auth in the OS so
everybody that tries to use IIS Basic auth have this problem...a Sad
problem..

3.3 can help you :) , this problem is resolved by adding a new (
undocumented until today :) attribute to AJP12connector ,
"tomcatAuthentication" when this attribute is true , Tomcat tries to
do
BASIC auth by itself without reliying on HTTPServer capacities....
thus

***************************


>From: "prs05@prosa.com" <prs05@prosa.com>
>Reply-To: tomcat-user@jakarta.apache.org
>To: "tomcat-user@jakarta.apache.org" <tomcat-user@jakarta.apache.org>
>Subject: Authentication with tomcat
>Date: Thu, 18 Oct 2001 16:45:15 +0200
>
>Hi all!
>
>I've written these lines in web.xml, so users must be authenticated to use 
>my application.
>
>     <security-constraint>
>       <web-resource-collection>
>          <web-resource-name>Protected Area</web-resource-name>
>          <url-pattern>/admin/*</url-pattern>
>	 <http-method>DELETE</http-method>
>          <http-method>GET</http-method>
>          <http-method>POST</http-method>
>	 <http-method>PUT</http-method>
>       </web-resource-collection>
>       <auth-constraint>
>          <role-name>AdminTestOnLine</role-name>
>       </auth-constraint>
>     </security-constraint>
>
>     <login-config>
>       <auth-method>BASIC</auth-method>
>       <realm-name>AdminTestOnLine</realm-name>
>     </login-config>
>
>If I use 8080 port it's OK, but if I use web server IIS it ask me an other 
>authentication with Domain input, and I can't loggin.
>
>Can I authenticate with only tomcat?
>What I must do to authenticate users?
>
>
>Please write me to bortolato@prosa.com too.
>
>
>Thanks!


_________________________________________________________________
Downloaden Sie MSN Explorer kostenlos unter http://explorer.msn.de/intl.asp


Mime
View raw message