> -----Original Message----- > From: Ilya Kazakevich [mailto:ilya.kazakev...@jetbrains.com] > Sent: Monday, November 14, 2011 1:27 PM > To: 'Tomcat Users List' > Subject: RE: Grabbing the user's info > > Hello, > > What do you call "network authentication" ? > > If you speak about windows domain (active directory) authentication you > can use JNDIRealm > (http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html#JNDIRealm) > because AD has LDAP interface. > Here are some examples: > http://www.jspwiki.org/wiki/ActiveDirectoryIntegration > > > Ilya Kazakevich, > Developer > JetBrains Inc > http://www.jetbrains.com > "Develop with pleasure!" > > -----Original Message----- > From: Josh Gooding [mailto:josh.good...@gmail.com] > Sent: Monday, November 14, 2011 10:19 PM > To: Tomcat Users List > Subject: Grabbing the user's info > > Hey guys, > > Question. I'm developing an application that resides on a network. I > wondered if (and how) there was a way to use the users network > authentication as a valid authentication into this application? > > - Josh >
To add to Ilya's reply: If you are using Active Directory in your network to provide authentication and authorization then you can also use Kerberos which allows Single Sign-On to properly authorized users and applications (i.e., user only needs to log in once to a workstation to access network services including applications running in Web servers such as Tomcat; not to be confused with Tomcat's Single Sign-On feature that which I believe allows single authentication between different Web applications running on the same instance). I am no expert in this subject, but I have tested Waffle[1] which provides a simple interface to the Kerberos protocol and it seems quite powerful. I have used Waffle with Tomcat as instructed in the tutorials and it worked as explained. Keep in mind that Waffle JARs need to reside in Tomcat's lib and not in your app's lib. As for Kerberos, you may want to check [2] which is a good reference in my opinion. Note that I am not able to judge the quality of Waffle or the applicability of Kerberos to your project, I just thought that it may be of some interest. /ricardo [1] Windows Authentication Functional Framework: http://waffle.codeplex.com/ [2] Garman, Jason. Kerberos: The Definitive Guide. O'Reilly Media. August 26, 2003. ISBN: 978-0-596-00403-3 --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
