From users-return-236754-apmail-tomcat-users-archive=tomcat.apache.org@tomcat.apache.org Thu Sep 20 14:30:29 2012 Return-Path: X-Original-To: apmail-tomcat-users-archive@www.apache.org Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id C5102D2A2 for ; Thu, 20 Sep 2012 14:30:29 +0000 (UTC) Received: (qmail 34804 invoked by uid 500); 20 Sep 2012 14:30:26 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 34669 invoked by uid 500); 20 Sep 2012 14:30:26 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 34659 invoked by uid 99); 20 Sep 2012 14:30:26 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 20 Sep 2012 14:30:26 +0000 X-ASF-Spam-Status: No, hits=0.7 required=5.0 tests=RCVD_IN_DNSWL_NONE,SPF_NEUTRAL X-Spam-Check-By: apache.org Received-SPF: neutral (nike.apache.org: local policy) Received: from [76.96.62.96] (HELO qmta09.westchester.pa.mail.comcast.net) (76.96.62.96) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 20 Sep 2012 14:30:18 +0000 Received: from omta03.westchester.pa.mail.comcast.net ([76.96.62.27]) by qmta09.westchester.pa.mail.comcast.net with comcast id 1P8b1k0030bG4ec59SW2mb; Thu, 20 Sep 2012 14:30:02 +0000 Received: from Christophers-MacBook-Pro.local ([69.143.109.145]) by omta03.westchester.pa.mail.comcast.net with comcast id 1SQo1k00F38FjT13PSQp68; Thu, 20 Sep 2012 14:24:50 +0000 Message-ID: <505B273A.5050602@christopherschultz.net> Date: Thu, 20 Sep 2012 10:24:58 -0400 From: Christopher Schultz User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:15.0) Gecko/20120907 Thunderbird/15.0.1 MIME-Version: 1.0 To: Tomcat Users List Subject: Re: very basic question about apache and tomcat References: <505A3CF4.8010404@rushtone.com> <505A500E.9010802@christopherschultz.net> In-Reply-To: X-Enigmail-Version: 1.4.4 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jeff, On 9/19/12 7:38 PM, Jeff wrote: > I have a related question since we recently implemented > authentication to AD via LDAP in our Tomcat WebApp but it currently > prompts the user for every new session, even if they are hitting > the site from their windows workstation that is already > authenticated to the domain. > > Is there a way to do it that detects the user's current AD session > and eliminates the need to prompt them, preferably browser > (Chrome/FF/IE) independent? If so, it would be great! I believe this is possible, but you need your browser to be complicit by sending your Kerberos token(s). I have no idea how to do that, but I believe others on the list (André? Warnier) have done such things. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlBbJzoACgkQ9CaO5/Lv0PBk+wCfQgsPrw1+zbSv7KvtpyYeM5y5 X/0An2KDNsv+OXSoTI0blxpJFeDcUKvV =DiiC -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org