tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Allistair Crossley" <Allistair.Cross...@QAS.com>
Subject RE: Tomcat configuration tuning
Date Thu, 08 Apr 2004 19:50:59 GMT
Hi Yoav
 
It's the Samba team JCIFS NTLM servlet filter, so I guess I need to find out from them if
the auth is done each time.
 
Cheers, ADC
 
-----Original Message----- 
From: Shapira, Yoav [mailto:Yoav.Shapira@mpi.com] 
Sent: Thu 08/04/2004 20:39 
To: Tomcat Users List 
Cc: 
Subject: RE: Tomcat configuration tuning




	Hi,
	Did you profile the filter versus aspects?  Now that's a benchmark I'd
	be really interested in.
	
	To the original poster: assuming your filter is smart enough to check
	the session for a "user is authenticated already" token, the /* mapping
	is not that big a deal.  If you're re-authenticating every time, that's
	terrible, and you should make your filter smarter.
	
	Yoav Shapira
	Millennium Research Informatics
	
	
	>-----Original Message-----
	>From: Charles N. Harvey III [mailto:charlieh@alloy.com]
	>Sent: Thursday, April 08, 2004 3:38 PM
	>To: Tomcat Users List
	>Subject: Re: Tomcat configuration tuning
	>
	>I do just what you described below.  If the loginContext isn't in the
	>session,
	>I show do a global-forward to the login form.  And, because I didn't
	want
	>to
	>have to put a session check into every Struts action I used AspectJ to
	>weave
	>in a pointcut into every action.  Works great.  I was considering going
	>with
	>a filter servlet instead but if you say its slow then maybe I did the
	right
	>thing.
	>
	>
	>Charlie
	>
	>
	>
	>Allistair Crossley wrote:
	>
	>>Slightly off-forum but related to my performance tuning of my tomcat
	>webapp, I am using the JCIFS NTLM authentication servlet as a filter.
	The
	>filter is mapped to all requests /*. I just thought to myself on the
	train
	>home whether because NTLM is a 3-way handshake, that this may be
	causing
	>some kind of performance hit.
	>>
	>>The filter authenticates the desktop user and then populates the
	>request.getRemoteUser. I suppose I "could" do this once with a login
	>servlet and then populate a session user object and if that ever
	expires
	>redirect back to the login servlet.
	>>
	>>Does anyone have an opinion on whether it would be worth my time
	removing
	>the filter per request in favour of a once-only login action.
	>>
	>>I appreciate this is off-tomcat, so no hard feelings if noone replies
	;)
	>>
	>>ADC
	>>
	>>
	>><FONT SIZE=1 FACE="VERDANA,ARIAL" COLOR=BLUE>
	>>-------------------------------------------------------
	>>QAS Ltd.
	>>Developers of QuickAddress Software
	>><a href="http://www.qas.com">www.qas.com</a>
	>>Registered in England: No 2582055
	>>Registered in Australia: No 082 851 474
	>>-------------------------------------------------------
	>></FONT>
	>>
	>>
	>>
	>>----------------------------------------------------------------------
	--
	>>
	>>---------------------------------------------------------------------
	>>To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
	>>For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
	>>
	>
	>---------------------------------------------------------------------
	>To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
	>For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
	
	
	
	
	This e-mail, including any attachments, is a confidential business communication, and may
contain information that is confidential, proprietary and/or privileged.  This e-mail is intended
only for the individual(s) to whom it is addressed, and may not be saved, copied, printed,
disclosed or used by anyone else.  If you are not the(an) intended recipient, please immediately
delete this e-mail from your computer system and notify the sender.  Thank you.
	
	
	---------------------------------------------------------------------
	To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
	For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
	
	



<FONT SIZE=1 FACE="VERDANA,ARIAL" COLOR=BLUE> 
-------------------------------------------------------
QAS Ltd.
Developers of QuickAddress Software
<a href="http://www.qas.com">www.qas.com</a>
Registered in England: No 2582055
Registered in Australia: No 082 851 474
-------------------------------------------------------
</FONT>

Mime
View raw message