tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Lucia Moreno Lopez <Lucia.Moreno.Lo...@cern.ch>
Subject RE: how to integrate Shibboleth and Tomcat
Date Wed, 05 Nov 2008 15:13:18 GMT
Hi! 

Yes, I am using httpd in front. 

To perform Shibboleth authentication, we are using Apache httpd to front
the Tomcat servlet environment. The Shibboleth service provider installs
as an Apache module (mod_shib) and a supporting daemon process (shibd).
The Apache server communicates with Tomcat using AJP/1.3 protocol via
the JK connector. 

The above configuration is sufficient for Tomcat servlets to be able to
retrieve the authenticated username using request.getRemoteUser(), but
does not of itself establish servlet invocation as being authenticated. 

For this, it is necessary to place a <security-constraint> on the
context URI that is used to invoke the servlet. This is done in the web
applications web.xml file. 

I was wondering if there is already something developed for this (JASS
realm, etc).

Thanks again,
Lucia

-----Original Message-----
From: Lucia Moreno Lopez 
Sent: Wednesday, November 05, 2008 3:23 PM
To: 'users@tomcat.apache.org'
Subject: how to integrate Shibboleth and Tomcat

Hello, 
I need to integrate Shibboleth and Tomcat. 
We are using tomcat 5.5.23, mod_jk connector 1.2.23 and the reference
implementation of Shibboleth version 2.0. We're running on a Linux
RedHat Enterprise environment.

Do you know any JAAS realm open source implementation or any other way
to implement authentication in tomcat using shibboleth?

Thanks in advance for your help,
Lucia

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message