tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier>
Subject Re: LDAP on TOMCAT 7.0.30
Date Thu, 31 Jan 2013 08:00:07 GMT
N.s.Karthik wrote:
> Hi
> Thx for the Conversation
> but still i am not convinced
> How Do I achieve  SSO + LDAP  for the setup as define below,
> I absolutely do not have any Idea, I am confused with lot's URL's
> Apache 2.2x (httpd-ssl)  ----> Tomcat----> DB

why SSL between Apache2 and tomcat ? is it necessary ?
Usually, people do this :

browser <-- HTTPS --> Apache <-- HTTP or AJP --> Tomcat <--> DB

> Traffic expected on system is 300+ 

300+ what ?
requests per hour, requests per day, per minute ?
number of simultaneous sessions ?

  using IE, FFOX, Safari , Opera, Crome
> per day,So cannot have some sort of browser plugin, specific installation on
> every system.

None of the things suggested so far include anything at the browser level.

You are not getting precise answers, because your question is too vague.
SSO means "Single Sign On".  It just means that a user should have to login only once, and

then this login would be valid for several applications.

For exactly the above, Tomcat provides a Single-Sign-On Valve, which will alllow a user to

login once to the first application running on Tomcat, and then the login will be valid if

he calls other applications on the same Tomcat, and for these other applications running 
on the same Tomcat he will not have to login again.
(But if he goes to another server, or closes his browser and then comes back to Tomcat, he

will have to login again).

Note that in the above, I do not specify *how* the login happens.
That is Authentication, and it is independent of the SSO aspect.

Now some people, when they say "SSO + LDAP", actually mean : I want the users to be 
logged-in automatically in the Tomcat application, based on the login that they did in 
Windows on their workstation when they arrived in the morning. Is that what you mean ?

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message