tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Cenk Oguz <>
Subject mod_spnego SingleSignOn over mod_jk
Date Wed, 02 Jan 2008 02:12:28 GMT
I am looking into configuring SingleSignOn Kerberos authentication in a Tomcat application
using SPNEGO authentication on a Apache2 frontend server. The fontend apache2 currently forwards
all requests to Tomcat through mod_jk.

As I see there is an apache2 module for Kerberos authentication without user intervention,

However I am curious of knowing if it is possible using mod_spnego to forward the authenticated
user/principal in a http header to Tomcat from Apache, in the mod_jk stream. The packaged
Tomcat application requires an http header that containes the user.

Also, will autentication take place before mod_jk forwards the request? If mod_jk acts before
autentication there is no point in proceding with this.

Has anyone had experience in this?


To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message