tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stéphanie Cettou <>
Subject Re: Windows Local user Login
Date Wed, 31 Mar 2010 15:25:17 GMT
I am confusing...

I have a JSP application and tomcat 5.5.

my goal it to implement a login for this application with this mandatory rules:

- Check type of password (more that 8 char, special char,...)
- Ask new password every month (from the web site)
- Block the user after 3 failed login
- Block inactive user (ex after 90 days)

and not Mandatory:
- Single-Sing-On for some users
- Add/modify/delete user from web site
- Get more roles at an user (my Java code is ready for a JDBCRealm
login) * read/modify pages and objects

The user must can connect from more pc, the finally application is in
a Windows 2003 server.
I don't know if I can use active directory (create a new active
directory only for this application = install a new server), or others
I don't know if I need to implement this in java, or a existing
solution is ready...

I don't have a lot of knowledge in active directory, tomcat, NTLM or
Kerberos, ....

I need to be sure to choise the good solution for all point of my goal
while I can't spent a lot of time, and I can't change my solution

can you give me more informations, please? I don't have enough
knowledge to choise the the simplest and best solution now...

thank you


2010/3/31 Christopher Schultz <>:
> Hash: SHA1
> Stéphanie,
> On 3/31/2010 10:08 AM, Stéphanie Cettou wrote:
>> it is possible to do a windows authentication using local window xp
>> users and Tomcat?
> Do you happen to be using ActiveDirectory?
>> <Realm className="org.apache.catalina.realm.JNDIRealm"
>> for Active directory users.
>> It is possible to use the local windows users? If yes, how?
> Try googling for "tomcat windows authentication": there's some stuff out
> there. A couple of things I found before I decided I was getting-in over
> my head (are you using NTLM or Kerberos, etc.?), I found these:
> I'm sure there are others.
> Another possibility (I suspect, though I don't know) is to use IIS out
> in front of Tomcat, and have IIS perform the local authentication for
> you, then pass that information through to Tomcat using AJP. This might
> be an easier path for you to follow.
> - -chris
> Version: GnuPG v1.4.10 (MingW32)
> Comment: Using GnuPG with Mozilla -
> O/cAnjZaOXhzbp/06cHf6NReLYW/9VOB
> =NQ3t
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message