tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <>
Subject Re: Do any of the Tomcat LDAP-type realms support "no password" authentication?
Date Sat, 03 Dec 2011 23:23:27 GMT

---- "André Warnier" <> wrote: 
> wrote:
> > ---- "André Warnier" <> wrote: 
> >> wrote:
> >>>> Now let me ask another question :
> >>>> Why do you need to authenticate the user at the Apache level, and pass
this user-id to 
> >>>> Tomcat ?
> >>>> Obviously, from the OAM documentation I scanned, there must exist an
OAM module directly 
> >>>> for Tomcat, to authenticate users there.  Why are you not using that
> >>>
> >>> It seems like they should have one, but, unfortunately, they don't.
> >>>
> >> Mmm. Browsing the documentation, I seem to remember seeing something about Weblogic,
no ?
> >> Is that not usable ?
> >>
> >> (As an aside, send your messages only to the list. I get all messages to the
list anyway, 
> >> so if you send them to me too, I get them twice).
> > 
> > 
> > Hi,
> > 
> > Sorry about the emails.  
> > 
> > Yes, they do support integrating with WebLogic, and we do use that for other cases,
but that's probably a bit off-topic here.
> > 
> We don't mind the competition here. Keeps us on our toes.
> Just kidding.
> What I meant to ask (me being the not-so-Java specialist see) was, since Weblogic is
> servlet engine, and Tomcat is a servlet engine, both ought to abide by the servlet spec

> and such, so isn't the Weblogic-oriented module usable with Tomcat ?
> Or is this too much of a rosy view of the world ?
> Anyway, the only other thing that comes to mind is, since you seem to be an OAM customer,

> can you not ask the OAM support people if OAM sets the internal Apache user-id or not


I'll answer the last question first:  We have asked, but they don't support integration with
Tomcat out-of-the-box.  That was why I've been looking into it for our organization.

Re. your 1st question, yes, WebLogic is J2EE, but the integration that Oracle has with WebLogic
is based on providers that leverage the (old) WebLogic/BEA security framework, which is/was
proprietary to WebLogic, so those providers are not compatible with or usable with anything
other than WebLogic.

The situation is similar to Tomcat and valves I guess, i.e., Tomcat is J2EE compliant (for
JSPs, servlets, etc., but valves are "proprietary'' to Tomcat.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message