tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Martin Gainty" <mgai...@hotmail.com>
Subject Re: Form Based Authentication : connection and bind to directory problems
Date Mon, 04 Dec 2006 22:57:46 GMT
Good Afternoon
yes..sooner or later you will need to test your authenticate algorithm with valid username/password
combination
If you're in healthcare app such as ADAM your authentication algo will need to support HIPAA
law 
In any case please keep me apprised on your progress,
Thanks
Martin --
This e-mail communication and any attachments may contain confidential and privileged information
for the use of the 
designated recipients named above. If you are not the intended recipient, you are hereby notified
that you have received
this communication in error and that any review, disclosure, dissemination, distribution or
copying of it or its 
contents
----- Original Message ----- 
From: "Christopher Buffington" <buffingtonc@gmail.com>
To: "Tomcat Users List" <users@tomcat.apache.org>; "Martin Gainty" <mgainty@hotmail.com>
Sent: Monday, December 04, 2006 5:40 PM
Subject: Re: Form Based Authentication : connection and bind to directory problems


> Thanks for the info. I have actually gotten this far. In the examples
> connectionName and connectionPassword are used and I'm trying not to put
> those valuse in my Realm configuration. I am able to do it by turning on
> anonymous logins in ADAM but I know this will not be allowed for a final
> solution.
> 
> Thanks
> 
> 
> 
> On 11/29/06, Martin Gainty <mgainty@hotmail.com> wrote:
>>
>> Would have to see your server.xml configuration for <Realm
>> Here is an example of a successful AD entry specified in Realm
>> be mindful that referrals="follows" must be specified "follows" to use
>> Microsoft AD
>> Declarative example follows here
>>
>> http://mail-archives.apache.org/mod_mbox/tomcat-users/200311.mbox/%3C819E8DE0BA5B76408A9D7C9AC5866FC38338@web00.computing-oasis.com%3E
>> Here is the javadoc for JNDIRealm (for programmatic implementation)
>> This e-mail communication and any attachments may contain confidential and
>> privileged information for the use of the
>> designated recipients named above. If you are not the intended recipient,
>> you are hereby notified that you have received
>> this communication in error and that any review, disclosure,
>> dissemination, distribution or copying of it or its
>> contents
>> ----- Original Message -----
>> From: "Christopher Buffington" <buffingtonc@gmail.com>
>> To: <users@tomcat.apache.org>
>> Sent: Wednesday, November 29, 2006 1:54 PM
>> Subject: Form Based Authentication : connection and bind to directory
>> problems
>>
>>
>> > I'm trying to use form based authentication with JNDIRealm to validate
>> users
>> > in an Active Directory Application Mode (ADAM) directory. I have a small
>> > test app working; however, I must enable anonymous binds in ADAM or
>> provide
>> > the username and password in the realm element. Obviously both of these
>> > options are not ideally secure.
>> >
>> >
>> > What I want is to have the Tomcat connect and bind to the directory with
>> the
>> > username and password supplied in the login form. The Realms and AAA
>> section
>> > of the docs say this: "If these properties (connectionName and
>> > connectionPassword) are not specified the connection is anonymous. This
>> is
>> > sufficient in many cases." What I run in to is that when Tomcat tries
>> the
>> > initial connection it fails. I then cannot connect and bind with the
>> user
>> > name and password supplied by the form. Does anyone know of a way to
>> force
>> > Tomcat to attempt the connection and bind after the failed connection
>> > attempt?
>> >
>> >
>> > Thank you
>> >
>> > Chris
>> >
>
Mime
View raw message