https://bz.apache.org/bugzilla/show_bug.cgi?id=64222

b...@wigeogis.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|WORKSFORME                  |---
             Status|RESOLVED                    |REOPENED

--- Comment #6 from b...@wigeogis.com ---
Next time on the users list, sorry.

Could you please improve the documentation?

https://tomcat.apache.org/tomcat-9.0-doc/windows-auth-howto.html

As already written in comment #4, I did not know how to configure the built-in
SSO properly.
http://tomcat.10.x6.nabble.com/Help-with-SPNEGO-Pass-Through-td5073933.html
gave some hints.

In fact a Valve setting the SpnegoAuthenticator and the correct Realm
(AuthenticatedUserRealm) are necessary!

Additionally, in the web.xml
1) you must use auth-method SPNEGO in login-config and
2) you should only protect the JSPs in multiple url-filter in
security-constraint that use request.getRemoteUser(), because in our case we are
not protecting these resources, but rather enabling SSO there.
Otherwise (with my configuration from comment #4) any other JSPs (not only
other servlets) that do not use request.getRemoteUser() do not work, i.e.
they will show an HTTP status 401 Unauthorized.
I think this is because the authorization is not done for JSPs not calling
request.getRemoteUser().

Many Thanks!

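The setup described in comment #6, written out as an added example (it is not taken from the bug report or from the Tomcat documentation). The JSP paths and the resource name are hypothetical, and the Kerberos prerequisites from the Windows authentication how-to (service principal, keytab, krb5.ini, jaas.conf) are assumed to be in place already.

```xml
<!-- META-INF/context.xml of the web application -->
<Context>
  <!-- Performs the SPNEGO/Kerberos negotiation with the browser. -->
  <Valve className="org.apache.catalina.authenticator.SpnegoAuthenticator" />
  <!-- Accepts the user name the authenticator has already verified.
       This realm does no lookup of its own and assigns no roles. -->
  <Realm className="org.apache.catalina.realm.AuthenticatedUserRealm" />
</Context>

<!-- WEB-INF/web.xml (fragment, placed inside <web-app>) -->
<security-constraint>
  <web-resource-collection>
    <web-resource-name>Pages that read the SSO user</web-resource-name>
    <!-- Hypothetical paths: list only the JSPs that call
         request.getRemoteUser(). Anything not listed here is served
         without authentication, so getRemoteUser() returns null there. -->
    <url-pattern>/whoami.jsp</url-pattern>
    <url-pattern>/profile.jsp</url-pattern>
  </web-resource-collection>
  <auth-constraint>
    <!-- "**" (Servlet 3.1 and later) admits any authenticated user.
         A named role would never match, because AuthenticatedUserRealm
         creates principals without roles. -->
    <role-name>**</role-name>
  </auth-constraint>
</security-constraint>

<login-config>
  <!-- Item 1 of the comment: the auth-method must be SPNEGO. -->
  <auth-method>SPNEGO</auth-method>
</login-config>
```

Every resource left out of the url-pattern list is reachable by unauthenticated clients, so the list should be reviewed as an access-control decision and not only as an SSO convenience.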