Return-Path: X-Original-To: apmail-tomcat-users-archive@www.apache.org Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 3C4716FCF for ; Wed, 27 Jul 2011 10:09:56 +0000 (UTC) Received: (qmail 46642 invoked by uid 500); 27 Jul 2011 09:41:38 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 46480 invoked by uid 500); 27 Jul 2011 09:40:57 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 46433 invoked by uid 99); 27 Jul 2011 09:40:45 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 27 Jul 2011 09:40:45 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=5.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of aw@ice-sa.com designates 212.85.38.228 as permitted sender) Received: from [212.85.38.228] (HELO tor.combios.es) (212.85.38.228) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 27 Jul 2011 09:40:35 +0000 Received: from [192.168.245.129] (p549E8CE0.dip0.t-ipconnect.de [84.158.140.224]) by tor.combios.es (Postfix) with ESMTPA id 88DD3DA00E2 for ; Wed, 27 Jul 2011 11:40:14 +0200 (CEST) Message-ID: <4E2FDCFE.9060606@ice-sa.com> Date: Wed, 27 Jul 2011 11:40:14 +0200 From: =?ISO-8859-1?Q?Andr=E9_Warnier?= Reply-To: Tomcat Users List User-Agent: Thunderbird 2.0.0.23 (Windows/20090812) MIME-Version: 1.0 To: Tomcat Users List Subject: Re: Finding user name without authentication References: <32146111.post@talk.nabble.com> In-Reply-To: <32146111.post@talk.nabble.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org Vibhor Kumar Agarwal wrote: > Hello Folks, > > Looking for an option to find the user name opening the web server portal. > Don't want to authenticate via LDAP, NIS, etc. > > Does the web server know the login id of windows? > The way you phrase things above is self-contradictory, because 1) The /only/ way by which the webserver would know the user-id is by doing /some kind/ of authentication. (Another way to say this : if the webserver does not do any kind of authentication, then it does not know the user-id). 2) As authentication /method/, you can choose between different mechanisms : - a login page - LDAP - NIS - ... and - Windows Domain authentication 3) If you want the webserver to authenticate the user by his Windows Domain login, then you must use the last option above. There are several ways of implementing this (*), and also pre-requisites for this to work (for example, the webserver will generally need to be itself "inside the domain" to able to do this kind of user authentication). (*) Have a look at http://tomcat.apache.org/tomcat-7.0-doc/windows-auth-howto.html, and also at http://www.ioplex.com/jespa.html (commercial). Addendum : In the above, I was assuming a) that the webserver you are talking about is Tomcat b) that you mean a configuration where Tomcat is accessed directly by the user browser (as opposed to a configuration where Tomcat is behind some other front-end system). In case (b), there are also methods to authenticate the user at the front-end level, and pass this authentication to Tomcat inside each forwarded request. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org