Return-Path: Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: (qmail 36062 invoked from network); 29 Mar 2011 19:10:08 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 29 Mar 2011 19:10:08 -0000 Received: (qmail 31552 invoked by uid 500); 29 Mar 2011 19:10:05 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 31311 invoked by uid 500); 29 Mar 2011 19:10:05 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 31302 invoked by uid 99); 29 Mar 2011 19:10:05 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 29 Mar 2011 19:10:05 +0000 X-ASF-Spam-Status: No, hits=0.0 required=5.0 tests= X-Spam-Check-By: apache.org Received: from [140.211.11.9] (HELO minotaur.apache.org) (140.211.11.9) by apache.org (qpsmtpd/0.29) with SMTP; Tue, 29 Mar 2011 19:10:04 +0000 Received: (qmail 35868 invoked by uid 99); 29 Mar 2011 19:09:44 -0000 Received: from localhost.apache.org (HELO [192.168.23.9]) (127.0.0.1) (smtp-auth username markt, mechanism plain) by minotaur.apache.org (qpsmtpd/0.29) with ESMTP; Tue, 29 Mar 2011 19:09:44 +0000 Message-ID: <4D922E6D.4000602@apache.org> Date: Tue, 29 Mar 2011 20:09:33 +0100 From: Mark Thomas User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; en-GB; rv:1.9.2.15) Gecko/20110303 Thunderbird/3.1.9 MIME-Version: 1.0 To: Tomcat Users List Subject: Re: Windows Authentication: Issue 49318 vs 47679 References: <4D8F8172.8040303@mayr-stefan.de> <4D904BB6.6020507@apache.org> <4D90FE28.80406@mayr-stefan.de> <4D91EA9D.5060204@apache.org> In-Reply-To: <4D91EA9D.5060204@apache.org> X-Enigmail-Version: 1.1.1 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit On 29/03/2011 15:20, Mark Thomas wrote: > On 28/03/2011 22:31, Stefan Mayr wrote: >> Native SPNEGO in Tomcat sounds great. Waiting a little while depends on >> your scale of "little". Is there already some development we can follow? >> Will this use Java GSS? I never figured out how to configure this with >> Tomcat. > > "little" hopefully means the next week or so in a 7.0.12 release. I have > a handful of things I need/want to get into 7.0.12 and SPNEGO is one of > them. > > Having spent more time than I want to think about and having lost count > of the number of times I re-installed Windows 2k8 server to test this, I > finally got this working a few minutes ago. The current code is *very* > rough and ready and it only does authentication, not authorisation so I > still have some work to do. > > The solution is based on ideas from Spring Security's Kerberos extension > and the most recent patches attached to bug 48685. > > I'll be committing an initial implementation once I have cleaned up the > code a bit and then I'll build on that to add authorisation, more > configuration etc. The first part just got committed [1]. More to follow over the next day or so. Mark [1] http://svn.apache.org/viewvc?rev=1086683&view=rev --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org