tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier ...@ice-sa.com>
Subject Re: Basic authentication without a secure connection
Date Mon, 04 May 2009 06:44:43 GMT
Mmmm wait.. I think I am starting to understand what you want.

A question first : are the Tomcat server (+Struts) and the php 
application on the same host ?

A second question : does your Tomcat host know the login user-id and 
password of the users ? In other words, can the host where Tomcat runs 
/verify/ the user login ?

Is what you want the following ?
You want that the users connect to the Tomcat host first, login, and 
then that this login would be valid for both the Tomcat application and 
also the php application ?
So that, in your Struts application, you could just give them a link to 
the php application, and when they click on that link they go the php 
application, but do not have to login again ?


Tokajac wrote:
> I think my idea would be scenario 4.)
> 
> I want to:
> 1.) 
> Open a browser and write Tomcat application's address
> (localhost:8080/myapp);
> 2.) 
> Write username and password in login fields of the application;
> 3.) 
> Save credentials in session after successful login;
> 4.)
> Have link to completely separate application on newly opened page; 
> 5.)
> When link is clicked, request should be sent that contains row:
> "Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=="
> Login username and password would be the same for both applications.
> On this way, I don't need to type username and password again;
> 6.)
>>>From now on, php application is on-board and Tomcat can be forgotten (it
> remains reachable only via browser's Back button);
> 
> 
> I will look now after httpd that you mentioned, awarnier.
> 
> 
> Regards
> 
> 
> 
> 
> 
> 
> 
> awarnier wrote:
>>
>> 4)
>> User --> front-end --> Tomcat --> Struts application
>>           front-end --> other server --> php application
>>
>> If you don't need to be in-between, that is the easiest solution.
>> As the front-end, you can use many things.  Apache httpd being only one 
>> of the possibilities.
>>
>> So, which kind of scenario is yours ?
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>>
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message