Re: NT-Apache authorization.....URGENT

SeJo Fri, 3 Dec 1999 06:38:00 -0800
----------------------------------------------------------------
BEFORE YOU POST, search the faq at <http://java.apache.org/faq/>
WHEN YOU POST, include all relevant version numbers, log files,
and configuration files.  Don't make us guess your problem!!!
----------------------------------------------------------------

Brett,

thank for advice....I was considering that too, but am pretty sure that wont
happen in this environment (small intranet).

You mentioned some decent web sites.......but i see no track of them in your
mail......can you (re)send them please?

thanks again

SeJo

----- Original Message -----
From: Brett Knights <[EMAIL PROTECTED]>
To: 'Java Apache Users' <[EMAIL PROTECTED]>
Sent: Friday, December 03, 1999 3:28 PM
Subject: RE: NT-Apache authorization.....URGENT


> ----------------------------------------------------------------
> BEFORE YOU POST, search the faq at <http://java.apache.org/faq/>
> WHEN YOU POST, include all relevant version numbers, log files,
> and configuration files.  Don't make us guess your problem!!!
> ----------------------------------------------------------------
>
> Whoa!
> Think carefully before you start flying your ntlm passwords around the
net.
> If your concern is BasicAuthentication vs. NTLM I'd highly recommend using
SSL.
>
> When I looked at this I found a few decent web sites that address the
topic. Check them out.
> Remember if someone captures an Apache password they can still only mess
with what is controlled by apache. IF someone captures an
> NTLM token for a user that can write to the registry they can mess with
your server.
>
>
> ***********************************************************
> Brett Knights                             626-432-5767 work
> [EMAIL PROTECTED]                 626-355-1017 home
> ***********************************************************
>
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]]On Behalf Of Philippe
> > Johan 999900280
> > Sent: Thursday, December 02, 1999 2:36 AM
> > To: SeJo; Java Apache Users
> > Subject: Re:NT-Apache authorization.....URGENT
> >
> >
> > ----------------------------------------------------------------
> > BEFORE YOU POST, search the faq at <http://java.apache.org/faq/>
> > WHEN YOU POST, include all relevant version numbers, log files,
> > and configuration files.  Don't make us guess your problem!!!
> > ----------------------------------------------------------------
> >
> > SeJo,
> >
> > concerning authorization, have a look at the module mod_ntlm at
> > http://www.ozemail.com.au/~timcostello/mod_ntlm/
> > (you can find it also in the modules.apache.org catalog).
> >
> > Now as to fetch the user name or something else, I think that'll
> > depend on the module you use for authentication.
> >
> > regards,
> >
> > Johan Philippe
> > E&Y Consulting
> >
> > SeJo:
> > ----------------------------------------------------------------
> > BEFORE YOU POST, search the faq at <http://java.apache.org/faq/>
> > WHEN YOU POST, include all relevant version numbers, log files,
> > and configuration files.  Don't make us guess your problem!!!
> > ----------------------------------------------------------------
> >
> > Hello,
> >
> > I am using ApacheWebServer and JServ on NT 4.0 and would like
> > to configure
> > it (apache) to use the NT passwords for authorization. I
> > still didn't find
> > the right module for doing so........
> >
> > But, the most important question is:
> >
> > How can I fetch the apache user name from the servlet code,
> > once the user is
> > logged in using the apache authorization (no matter which one
> > (files, DB's
> > ..NT))?
> >
> > help,help,help.....
> >
> >
> > SeJo
> >
> > ------------------------------------------------------------
> > Selim Cesic
> > Synes N.V.
> >
> > Email: [EMAIL PROTECTED]
> > Home: http://www.synes.com
> >
> > ------------------------------------------------------------
> >
> >
> >
> >
> > --
> > --------------------------------------------------------------
> > Please read the FAQ! <http://java.apache.org/faq/>
> > To subscribe:        [EMAIL PROTECTED]
> > To unsubscribe:      [EMAIL PROTECTED]
> > Archives and Other:  <http://java.apache.org/main/mail.html>
> > Problems?:           [EMAIL PROTECTED]
> >
> >
> >
> >
> > --
> > --------------------------------------------------------------
> > Please read the FAQ! <http://java.apache.org/faq/>
> > To subscribe:        [EMAIL PROTECTED]
> > To unsubscribe:      [EMAIL PROTECTED]
> > Archives and Other:  <http://java.apache.org/main/mail.html>
> > Problems?:           [EMAIL PROTECTED]
> >
> >
>
>
>
> --
> --------------------------------------------------------------
> Please read the FAQ! <http://java.apache.org/faq/>
> To subscribe:        [EMAIL PROTECTED]
> To unsubscribe:      [EMAIL PROTECTED]
> Archives and Other:  <http://java.apache.org/main/mail.html>
> Problems?:           [EMAIL PROTECTED]
>



--
--------------------------------------------------------------
Please read the FAQ! <http://java.apache.org/faq/>
To subscribe:        [EMAIL PROTECTED]
To unsubscribe:      [EMAIL PROTECTED]
Archives and Other:  <http://java.apache.org/main/mail.html>
Problems?:           [EMAIL PROTECTED]
Re: NT-Apache authorization.....URGENT

Reply via email to
