tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Peter Kahn" <>
Subject Adding NTLM Auth to the Entire tomcat instance
Date Thu, 25 Oct 2007 14:14:27 GMT
Can someone let me know how to setup NTLM authentication such that all
access to tomcat is restricted to users in a specific group?

I have an instance of tomcat and it is serving several opengrok web apps.
Each opengrop app is pointing at a different source tree.  I want to
restrict access to all of these webapps to a specific group of users.

When I offer php based webapps and restrict them to a group of users, I use
apache2 authentication with a perl based NTLM extension.  Since tomcat is
running on a different port,   I tried binding tomcat to localhost or
loopback only and then used the proxy directive from apache2 to the offer
the applications to users on my lan.  This worked, but the NTLM auth failed
when I added it in.  I see my options as:
  a) get apache auth to work via the proxy
  b) forget apache auth and have tomcat handle the authentication.

I looked around the docs, googling here and there but most authentication
appeared to be at the individual web application level and not for the
entire instance.
  - Is authentication at the entire tomcat instance level a practice that
people do?
  - Is there a standard way to tie it into NTLM?

So, can you send me links or advice if you happen to know of a good resource
for issue or see that I'm approaching in a needlessly difficult way?  Thanks

Peter Kahn, pkahnpie1@AIM

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message