----------------------------------------------------------------
BEFORE YOU POST, search the faq at <http://java.apache.org/faq/>
WHEN YOU POST, include all relevant version numbers, log files,
and configuration files. Don't make us guess your problem!!!
----------------------------------------------------------------
Whoa!
Think carefully before you start flying your ntlm passwords around the net.
If your concern is BasicAuthentication vs. NTLM I'd highly recommend using SSL.
When I looked at this I found a few decent web sites that address the topic. Check
them out.
Remember if someone captures an Apache password they can still only mess with what is
controlled by apache. IF someone captures an
NTLM token for a user that can write to the registry they can mess with your server.
***********************************************************
Brett Knights 626-432-5767 work
[EMAIL PROTECTED] 626-355-1017 home
***********************************************************
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Philippe
> Johan 999900280
> Sent: Thursday, December 02, 1999 2:36 AM
> To: SeJo; Java Apache Users
> Subject: Re:NT-Apache authorization.....URGENT
>
>
> ----------------------------------------------------------------
> BEFORE YOU POST, search the faq at <http://java.apache.org/faq/>
> WHEN YOU POST, include all relevant version numbers, log files,
> and configuration files. Don't make us guess your problem!!!
> ----------------------------------------------------------------
>
> SeJo,
>
> concerning authorization, have a look at the module mod_ntlm at
> http://www.ozemail.com.au/~timcostello/mod_ntlm/
> (you can find it also in the modules.apache.org catalog).
>
> Now as to fetch the user name or something else, I think that'll
> depend on the module you use for authentication.
>
> regards,
>
> Johan Philippe
> E&Y Consulting
>
> SeJo:
> ----------------------------------------------------------------
> BEFORE YOU POST, search the faq at <http://java.apache.org/faq/>
> WHEN YOU POST, include all relevant version numbers, log files,
> and configuration files. Don't make us guess your problem!!!
> ----------------------------------------------------------------
>
> Hello,
>
> I am using ApacheWebServer and JServ on NT 4.0 and would like
> to configure
> it (apache) to use the NT passwords for authorization. I
> still didn't find
> the right module for doing so........
>
> But, the most important question is:
>
> How can I fetch the apache user name from the servlet code,
> once the user is
> logged in using the apache authorization (no matter which one
> (files, DB's
> ..NT))?
>
> help,help,help.....
>
>
> SeJo
>
> ------------------------------------------------------------
> Selim Cesic
> Synes N.V.
>
> Email: [EMAIL PROTECTED]
> Home: http://www.synes.com
>
> ------------------------------------------------------------
>
>
>
>
> --
> --------------------------------------------------------------
> Please read the FAQ! <http://java.apache.org/faq/>
> To subscribe: [EMAIL PROTECTED]
> To unsubscribe: [EMAIL PROTECTED]
> Archives and Other: <http://java.apache.org/main/mail.html>
> Problems?: [EMAIL PROTECTED]
>
>
>
>
> --
> --------------------------------------------------------------
> Please read the FAQ! <http://java.apache.org/faq/>
> To subscribe: [EMAIL PROTECTED]
> To unsubscribe: [EMAIL PROTECTED]
> Archives and Other: <http://java.apache.org/main/mail.html>
> Problems?: [EMAIL PROTECTED]
>
>
--
--------------------------------------------------------------
Please read the FAQ! <http://java.apache.org/faq/>
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Archives and Other: <http://java.apache.org/main/mail.html>
Problems?: [EMAIL PROTECTED]
