tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier>
Subject Re: decouple authentication and authorization of TOMCAT
Date Mon, 14 Sep 2009 16:40:54 GMT
John Chen wrote:
> I am also thinking using Apache Web Server to do the authentication and use tomcat for
authorization, do you think it would work?
With the Apache/mod_jk/Tomcat combination it can, certainly.
There exists (I believe in the <Connector> element of Tomcat), an 
attribute "tomcatAuthentication", which when set to false makes Tomcat 
accept the user-id authenticated by Apache as its own.
I do not know with other connectors.
But if this would be the only reason to put Apache in front of your 
Tomcat, it would be a lot of complication for that sole purpose.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message