tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier ...@ice-sa.com>
Subject Re: Tomcat login
Date Tue, 30 Mar 2010 15:08:22 GMT
Stéphanie Cettou wrote:
>  Hi,
> 
>  I use Tomcat 5.5.
>  I have a JSP application.
>  The login is implemented with database.
> 
> <Realm  className="org.apache.catalina.realm.JDBCRealm" .....
> 
>  I need to increase the security. I want that the user have only 3
>  retry for the login, the user must change the password every months, I
>  need a password policy (8 char, Maj and min,...).
> 
>  How I can implement this?
> 
>  I think to use active directory, but I can't manage user and passwords
>  directly with tomcat, or yes?
> 
Hi Stéphanie.

Maybe as an alternative..

If you mention Active Directory, does that mean that all your Tomcat 
users are working on MS Windows workstations, and login to a Windows 
domain before they call up the browser and access your Tomcat-based 
applications ?

I am asking because if that is the case, then there exist solutions 
which would allow your users to not even have to login (to your Tomcat 
applications), and will automatically use their Windows domain user-id 
for Tomcat.
And the management of users and passwords is then left to the AD system, 
and you get a Single-Sign-On solution at the same time.

This scenario may or may not fit your needs, but if it does, it may be a 
big simplification for you.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message