tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stéphanie Cettou <s.cet...@gmail.com>
Subject Re: Windows Local user Login
Date Wed, 31 Mar 2010 16:26:23 GMT
I have SQL server 2000...

If I decide to use active directory I need to write my code to catch
exceptions when user logs in with expired, inactive, etc. passwords?
It is possible to catch this exceptions from active directory to java?

Thanks!



2010/3/31 Leo Donahue - PLANDEVX <LeoDonahue@mail.maricopa.gov>:
> What database are you using?
>
> SQL Server 2005 and later allows you to use windows password policy and password expiration.
 You can enable that when you create your sql login.  You create your windows password policy
outside of Tomcat in active directory.
>
> However, as David pointed out to you in your other thread, you have write your own code
to catch sql exceptions when user logs in with expired, inactive, etc. passwords.
>
> Leo
>
> -----Original Message-----
> From: Stéphanie Cettou [mailto:s.cettou@gmail.com]
> Sent: Wednesday, March 31, 2010 8:25 AM
> To: Tomcat Users List
> Subject: Re: Windows Local user Login
>
> I am confusing...
>
> I have a JSP application and tomcat 5.5.
>
> my goal it to implement a login for this application with this mandatory rules:
>
> - Check type of password (more that 8 char, special char,...)
> - Ask new password every month (from the web site)
> - Block the user after 3 failed login
> - Block inactive user (ex after 90 days)
>
> and not Mandatory:
> - Single-Sing-On for some users
> - Add/modify/delete user from web site
> - Get more roles at an user (my Java code is ready for a JDBCRealm
> login) * read/modify pages and objects
>
>
> The user must can connect from more pc, the finally application is in a Windows 2003
server.
> I don't know if I can use active directory (create a new active directory only for this
application = install a new server), or others things...
> I don't know if I need to implement this in java, or a existing solution is ready...
>
> I don't have a lot of knowledge in active directory, tomcat, NTLM or Kerberos, ....
>
> I need to be sure to choise the good solution for all point of my goal while I can't
spent a lot of time, and I can't change my solution later...
>
> can you give me more informations, please? I don't have enough knowledge to choise the
the simplest and best solution now...
>
> thank you
>
> Stéphanie
>
>
>
> 2010/3/31 Christopher Schultz <chris@christopherschultz.net>:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Stéphanie,
>>
>> On 3/31/2010 10:08 AM, Stéphanie Cettou wrote:
>>> it is possible to do a windows authentication using local window xp
>>> users and Tomcat?
>>
>> Do you happen to be using ActiveDirectory?
>>
>>> <Realm className="org.apache.catalina.realm.JNDIRealm"
>>> for Active directory users.
>>>
>>> It is possible to use the local windows users? If yes, how?
>>
>> Try googling for "tomcat windows authentication": there's some stuff
>> out there. A couple of things I found before I decided I was
>> getting-in over my head (are you using NTLM or Kerberos, etc.?), I found these:
>>
>> http://spnego.sourceforge.net/
>> http://wiki.apache.org/tomcat/FAQ/Windows#Q4
>>
>> I'm sure there are others.
>>
>> Another possibility (I suspect, though I don't know) is to use IIS out
>> in front of Tomcat, and have IIS perform the local authentication for
>> you, then pass that information through to Tomcat using AJP. This
>> might be an easier path for you to follow.
>>
>> - -chris
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.4.10 (MingW32)
>> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>>
>> iEYEARECAAYFAkuzW74ACgkQ9CaO5/Lv0PCWjgCghZXSFIO8/W/vrYJRdJ8JFJ9n
>> O/cAnjZaOXhzbp/06cHf6NReLYW/9VOB
>> =NQ3t
>> -----END PGP SIGNATURE-----
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message