tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier>
Subject Re: [partly OT] Tomcat SPNEGO valve - role assignment in 'grant-all' realm
Date Thu, 11 Oct 2012 12:03:44 GMT
Maarten van Hulsentop wrote:
> Hi,
> We are configuring our Tomcat web application to authenticate using SPNEGO
> (Kerberos in particular) on Tomcat 7.0.29.


If you are interested in that subject in general, may I suggest that you have a look at 
Jespa ( ?
(I have no commercial interests in that company or product, I am just a user (although a 
satisfied one)).

It works as a servlet filter, not as a Realm etc.  But it works very well and offers an 
interesting API to do special things with AD. It also allows you to use the AD Groups as 
Roles in Tomcat.

Downloading it is free, as is its usage for up to 25 users.  Above that you pay a license,

but it is not expensive.  Maybe just reading the Operator's Manual which comes in the 
download will give you some ideas, if you still decide to brew your own solution.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message