tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Steve Ochani" <ocha...@ncc.edu>
Subject Re: Reuse Windows Logon credentials
Date Mon, 14 Jul 2008 16:47:58 GMT
Date sent:	Mon, 14 Jul 2008 17:54:02 +0200
From:	Faris Ahmed <Faris.Ahmed@infor.com>
Subject:	Reuse Windows Logon credentials
To:	users@tomcat.apache.org
Send reply to:	Tomcat Users List <users@tomcat.apache.org>

> Dear list,
> 
> I would like use Tomcat instead of IIS in this environment:
> 
> 
> 
> 1)      Client computer running Windows Internet Explorer.
> 
> 2)      Web server computer running a web application in Microsoft IIS
> 6.0. 
> 
> 3)      Database server computer running Microsoft SQL server with
> Windows Authentication.
> 
> 4)      All three computers are members in one Windows 2003 domain.
> 
> 
> 
> User interaction:
> 
> 1)      User logs on to the client computer with a Microsoft domain
> user account and starts IE.
> 
> 2)      User browses to the webapp and is immediately logged in as the
> domain user in step 1 (no extra login takes place on the server).
> 
> 3)      The webapp access Microsoft SQL server on a third computer and
> reuses the Windows credentials to login to SQL server.
> 
> 
> 
> In a pure Windows environment only one logon is necessary on the
> client computer. The user security credentials are reused on the web
> server and the database server without extra login.
> 
> 
> 
> Question: Can I do the same with Tomcat replacing IIS? This means:
> 
> 
> 
> 1)      Can Tomcat accept\understand the Windows credentials from the
> client computer?
> 
> 2)      Can the web app inside Tomcat reuse the credentials and access
> SQL server using JDBC and Windows authentication.
> 
> 
> 
> Note:
> 
> The JCIFS (http://jcifs.samba.org/src/docs/ntlmhttpauth.html) is not
> enough for my environment because I only get the user name in Tomcat. 
> 

Not sure about issue #2 but JCIFS is exactly for issue #1. You will never get access to 
someones un-hashed password.



-Steve O.





---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message