----------------------------------------------------------------
BEFORE YOU POST, search the faq at <http://java.apache.org/faq/>
WHEN YOU POST, include all relevant version numbers, log files,
and configuration files. Don't make us guess your problem!!!
----------------------------------------------------------------
Bert, thanks again......
I'll certainly view these docs lateron but what I am actually looking for is
a way to retrieve (nt)userid from the servlet code. THe getRemoteUser()
gives null back. I am wondering if something is wrong with my server
configuration since I can view the remote IP address but not the hostname
and (nt) login name which I need.
Can you (or anyone) help me with that?
I would really appreciate it.
thx
SeJo
----- Original Message -----
From: Brett Knights <[EMAIL PROTECTED]>
To: 'Java Apache Users' <[EMAIL PROTECTED]>
Sent: Friday, December 03, 1999 4:04 PM
Subject: RE: NT-Apache authorization.....URGENT
> ----------------------------------------------------------------
> BEFORE YOU POST, search the faq at <http://java.apache.org/faq/>
> WHEN YOU POST, include all relevant version numbers, log files,
> and configuration files. Don't make us guess your problem!!!
> ----------------------------------------------------------------
>
> Sorry no, I had the references at work - easy enough to find with
altavista - just try "+web +ntlm +security"
>
> You're right though - in an intranet ntlm is relatively safe and
convenient. Your firewall should strip any ntmlm authentication
> information from getting to the outside.
>
> ***********************************************************
> Brett Knights 626-432-5767 work
> [EMAIL PROTECTED] 626-355-1017 home
> ***********************************************************
>
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]]On Behalf Of SeJo
> > Sent: Friday, December 03, 1999 6:37 AM
> > To: Java Apache Users
> > Subject: Re: NT-Apache authorization.....URGENT
> >
> >
> > ----------------------------------------------------------------
> > BEFORE YOU POST, search the faq at <http://java.apache.org/faq/>
> > WHEN YOU POST, include all relevant version numbers, log files,
> > and configuration files. Don't make us guess your problem!!!
> > ----------------------------------------------------------------
> >
> > Brett,
> >
> > thank for advice....I was considering that too, but am pretty
> > sure that wont
> > happen in this environment (small intranet).
> >
> > You mentioned some decent web sites.......but i see no track
> > of them in your
> > mail......can you (re)send them please?
> >
> > thanks again
> >
> > SeJo
> >
> > ----- Original Message -----
> > From: Brett Knights <[EMAIL PROTECTED]>
> > To: 'Java Apache Users' <[EMAIL PROTECTED]>
> > Sent: Friday, December 03, 1999 3:28 PM
> > Subject: RE: NT-Apache authorization.....URGENT
> >
> >
> > > ----------------------------------------------------------------
> > > BEFORE YOU POST, search the faq at <http://java.apache.org/faq/>
> > > WHEN YOU POST, include all relevant version numbers, log files,
> > > and configuration files. Don't make us guess your problem!!!
> > > ----------------------------------------------------------------
> > >
> > > Whoa!
> > > Think carefully before you start flying your ntlm passwords
> > around the
> > net.
> > > If your concern is BasicAuthentication vs. NTLM I'd highly
> > recommend using
> > SSL.
> > >
> > > When I looked at this I found a few decent web sites that
> > address the
> > topic. Check them out.
> > > Remember if someone captures an Apache password they can
> > still only mess
> > with what is controlled by apache. IF someone captures an
> > > NTLM token for a user that can write to the registry they
> > can mess with
> > your server.
> > >
> > >
> > > ***********************************************************
> > > Brett Knights 626-432-5767 work
> > > [EMAIL PROTECTED] 626-355-1017 home
> > > ***********************************************************
> > >
> > >
> > > > -----Original Message-----
> > > > From: [EMAIL PROTECTED]
> > > > [mailto:[EMAIL PROTECTED]]On Behalf
> > Of Philippe
> > > > Johan 999900280
> > > > Sent: Thursday, December 02, 1999 2:36 AM
> > > > To: SeJo; Java Apache Users
> > > > Subject: Re:NT-Apache authorization.....URGENT
> > > >
> > > >
> > > > ----------------------------------------------------------------
> > > > BEFORE YOU POST, search the faq at <http://java.apache.org/faq/>
> > > > WHEN YOU POST, include all relevant version numbers, log files,
> > > > and configuration files. Don't make us guess your problem!!!
> > > > ----------------------------------------------------------------
> > > >
> > > > SeJo,
> > > >
> > > > concerning authorization, have a look at the module mod_ntlm at
> > > > http://www.ozemail.com.au/~timcostello/mod_ntlm/
> > > > (you can find it also in the modules.apache.org catalog).
> > > >
> > > > Now as to fetch the user name or something else, I think that'll
> > > > depend on the module you use for authentication.
> > > >
> > > > regards,
> > > >
> > > > Johan Philippe
> > > > E&Y Consulting
> > > >
> > > > SeJo:
> > > > ----------------------------------------------------------------
> > > > BEFORE YOU POST, search the faq at <http://java.apache.org/faq/>
> > > > WHEN YOU POST, include all relevant version numbers, log files,
> > > > and configuration files. Don't make us guess your problem!!!
> > > > ----------------------------------------------------------------
> > > >
> > > > Hello,
> > > >
> > > > I am using ApacheWebServer and JServ on NT 4.0 and would like
> > > > to configure
> > > > it (apache) to use the NT passwords for authorization. I
> > > > still didn't find
> > > > the right module for doing so........
> > > >
> > > > But, the most important question is:
> > > >
> > > > How can I fetch the apache user name from the servlet code,
> > > > once the user is
> > > > logged in using the apache authorization (no matter which one
> > > > (files, DB's
> > > > ..NT))?
> > > >
> > > > help,help,help.....
> > > >
> > > >
> > > > SeJo
> > > >
> > > > ------------------------------------------------------------
> > > > Selim Cesic
> > > > Synes N.V.
> > > >
> > > > Email: [EMAIL PROTECTED]
> > > > Home: http://www.synes.com
> > > >
> > > > ------------------------------------------------------------
> > > >
> > > >
> > > >
> > > >
> > > > --
> > > > --------------------------------------------------------------
> > > > Please read the FAQ! <http://java.apache.org/faq/>
> > > > To subscribe: [EMAIL PROTECTED]
> > > > To unsubscribe: [EMAIL PROTECTED]
> > > > Archives and Other: <http://java.apache.org/main/mail.html>
> > > > Problems?: [EMAIL PROTECTED]
> > > >
> > > >
> > > >
> > > >
> > > > --
> > > > --------------------------------------------------------------
> > > > Please read the FAQ! <http://java.apache.org/faq/>
> > > > To subscribe: [EMAIL PROTECTED]
> > > > To unsubscribe: [EMAIL PROTECTED]
> > > > Archives and Other: <http://java.apache.org/main/mail.html>
> > > > Problems?: [EMAIL PROTECTED]
> > > >
> > > >
> > >
> > >
> > >
> > > --
> > > --------------------------------------------------------------
> > > Please read the FAQ! <http://java.apache.org/faq/>
> > > To subscribe: [EMAIL PROTECTED]
> > > To unsubscribe: [EMAIL PROTECTED]
> > > Archives and Other: <http://java.apache.org/main/mail.html>
> > > Problems?: [EMAIL PROTECTED]
> > >
> >
> >
> >
> > --
> > --------------------------------------------------------------
> > Please read the FAQ! <http://java.apache.org/faq/>
> > To subscribe: [EMAIL PROTECTED]
> > To unsubscribe: [EMAIL PROTECTED]
> > Archives and Other: <http://java.apache.org/main/mail.html>
> > Problems?: [EMAIL PROTECTED]
> >
>
>
>
> --
> --------------------------------------------------------------
> Please read the FAQ! <http://java.apache.org/faq/>
> To subscribe: [EMAIL PROTECTED]
> To unsubscribe: [EMAIL PROTECTED]
> Archives and Other: <http://java.apache.org/main/mail.html>
> Problems?: [EMAIL PROTECTED]
>
--
--------------------------------------------------------------
Please read the FAQ! <http://java.apache.org/faq/>
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Archives and Other: <http://java.apache.org/main/mail.html>
Problems?: [EMAIL PROTECTED]
