Return-Path: Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: (qmail 5160 invoked from network); 6 Mar 2011 12:25:04 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 6 Mar 2011 12:25:04 -0000 Received: (qmail 83908 invoked by uid 500); 6 Mar 2011 12:25:01 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 83700 invoked by uid 500); 6 Mar 2011 12:25:01 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 83690 invoked by uid 99); 6 Mar 2011 12:25:01 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 06 Mar 2011 12:25:01 +0000 X-ASF-Spam-Status: No, hits=1.5 required=5.0 tests=FREEMAIL_FROM,HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of hilavalensia@gmail.com designates 209.85.216.173 as permitted sender) Received: from [209.85.216.173] (HELO mail-qy0-f173.google.com) (209.85.216.173) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 06 Mar 2011 12:24:53 +0000 Received: by qyk36 with SMTP id 36so1517922qyk.18 for ; Sun, 06 Mar 2011 04:24:32 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:from:date:message-id:subject:to :content-type; bh=XSesSWlU4S5iX/a7KQRhq+3f+chQXJK71+JQYM9v2MQ=; b=jNZ4wj3uA/DU1wvZxLXeWSazLkka09ppxjN1mJ4HOMS3ILXAFP3xLNROatjqzEd6pC 1S0XSjkw+4J8UvLLD99Yz5AqnwJI5GP+q6i27565GnZfuan64zyDhrvfrr+3mJcG76Y8 OcL6MsQKxoEQfLlclALASbFHWjk4Jk7AhVTCE= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:from:date:message-id:subject:to:content-type; b=IsZtfLZ6bhTJBbvldddoQnQZXARPejhoDdShgrp+LTbG+T9JYmxeqXHtEWpr4N49RO 1cgB0jdTACr5QxQCKWdtkhrIdgu55kLekOPk6jL6hcGqkZwXAg9FjUl/FB0lMpccjbZk 1o1xf7URkn6Z0MfBnfw9E94wCR4UiAhRWIauw= Received: by 10.229.79.196 with SMTP id q4mr2080264qck.132.1299414272355; Sun, 06 Mar 2011 04:24:32 -0800 (PST) MIME-Version: 1.0 Received: by 10.229.14.133 with HTTP; Sun, 6 Mar 2011 04:24:12 -0800 (PST) From: =?UTF-8?B?15TXmdec15Q=?= Date: Sun, 6 Mar 2011 14:24:12 +0200 Message-ID: Subject: Tomcat NTLM Authentication To: Tomcat Users List Content-Type: multipart/alternative; boundary=001636426b411eb079049dcf76f4 X-Virus-Checked: Checked by ClamAV on apache.org --001636426b411eb079049dcf76f4 Content-Type: text/plain; charset=ISO-8859-1 Hey, I want to change the way that tomcat authenticates to the DB of our application, from SQL authentication to Windows authentication. We use Tomcat 6.0.29 , and the user and password to connect to the DB is specified in clear text in the xml configuration file under the folder conf/catalina/localhost. My goal is to remove the user and password from the xml file, and letting the tomcat windows service run with a domain user that has permissions to the DB. when I searched for a solutions for what i'm trying to do, i got to this page- http://wiki.apache.org/tomcat/FAQ/Windows#Q4 Which suggest these methods: -Waffle/JNA -Tomcat SPNEGO -SPNEGO SF -Jespa (commercial) -Tomcat IIS Connector -Samba JCIFs (obsolete, no NTLMv2) Are one of these methods suit for what I'm trying to do? When reading about Tomcat SPNEGO, it says that users working on a windows client OS and IE or Firefox, can be silently authenticated (SSO) to a Tomcat running on a windows server via NTLM or kerberos. It doesn't seem to be what I aim for, since tomcat users are not interest me, only the tomcat windows service and how it connects to the DB Your help would be appreciated :] Thanks Hila --001636426b411eb079049dcf76f4--