tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier ...@ice-sa.com>
Subject Re: decouple authentication and authorization of TOMCAT
Date Mon, 14 Sep 2009 15:51:36 GMT
John Chen wrote:
> Hi,
> 
>  
> 
> We have installed a third-party software running on tomcat. Is there
> anyway to decouple tomcat authentication and authorization? We have to
> use AD for authentication and we are not encouraged to add groups to AD
> just for the new software.
> 
>  
> 
> Any help would be appreciated.
> 
Since you said any, here is mine :
I think you want to look at the following 2 things :
1) search Google for "tomcat +securityfilter"
2) http://www.ioplex.com, look at Jespa

As I understand it,
- Jespa will allow you to authenticate users based on their Windows 
Domain login
- securityfilter should then allow you to allow access or not, based on 
that prior authentication

(and, basically, you do not use Tomcat realm-based AAA)

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message