https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #1 from ashish.j...@in.ibm.com 2010-02-05 01:39:30 UTC ---
Created an attachment (id=24930)
--> (https://issues.apache.org/bugzilla/attachment.cgi?id=24930)
Patch for spnego support in tomcat
--
Configure bugmail: https://issu
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
jfclere changed:
What|Removed |Added
CC||jfcl...@gmail.com
--
Configure bugmail:
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
Mark Thomas changed:
What|Removed |Added
Status|NEW |NEEDINFO
--- Comment #2 from Mark Th
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #3 from ashish.j...@in.ibm.com 2010-02-15 11:59:00 UTC ---
My sincere apologies that patch did not make the standard of tomcat community.
I have reformatted the patch and uploading a new one.
To use this the only requirement is
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #4 from ashish.j...@in.ibm.com 2010-02-15 12:01:18 UTC ---
Created an attachment (id=24987)
--> (https://issues.apache.org/bugzilla/attachment.cgi?id=24987)
Updated patch for Spnego support in tomcat
Kindly review and apply.
-
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
ashish.j...@in.ibm.com changed:
What|Removed |Added
Version|6.0.20 |6.0.24
--
Configure bugma
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
Mark Thomas changed:
What|Removed |Added
Severity|normal |enhancement
--- Comment #5 from Mark
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
ashish.j...@in.ibm.com changed:
What|Removed |Added
Attachment #24930|0 |1
is obsolete|
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #7 from ashish.j...@in.ibm.com 2010-03-22 09:40:40 UTC ---
Created an attachment (id=25158)
--> (https://issues.apache.org/bugzilla/attachment.cgi?id=25158)
Jaas configuration file
--
Configure bugmail: https://issues.apache.o
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #8 from ashish.j...@in.ibm.com 2010-03-22 09:41:36 UTC ---
Created an attachment (id=25159)
--> (https://issues.apache.org/bugzilla/attachment.cgi?id=25159)
Krb5 configuration file
--
Configure bugmail: https://issues.apache.o
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #9 from ashish.j...@in.ibm.com 2010-03-22 09:44:46 UTC ---
Created an attachment (id=25160)
--> (https://issues.apache.org/bugzilla/attachment.cgi?id=25160)
Libraries for login module, realm implementation
--
Configure bugmail
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #10 from ashish.j...@in.ibm.com 2010-03-22 09:45:49 UTC ---
Created an attachment (id=25161)
--> (https://issues.apache.org/bugzilla/attachment.cgi?id=25161)
Sample test application
--
Configure bugmail: https://issues.apache.
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #11 from ashish.j...@in.ibm.com 2010-03-22 09:48:03 UTC ---
Created an attachment (id=25162)
--> (https://issues.apache.org/bugzilla/attachment.cgi?id=25162)
Java opts
--
Configure bugmail: https://issues.apache.org/bugzilla/u
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #12 from ashish.j...@in.ibm.com 2010-03-22 10:02:23 UTC ---
Hi Mark,
I have modified the patch as you have suggested in your latest update. The new
modified patch includes the following:
1) No dependency on Basic, the applicati
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #13 from Mark Thomas 2010-04-06 14:15:58 UTC ---
Adding all those JARs to a standard Tomcat installation isn't going to be
acceptable. How feasible is a lighter weight implementation? A new
authenticator and new realm is about t
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #14 from ashish.j...@in.ibm.com 2010-04-22 03:38:51 EDT ---
Regarding your question "Step 5 of Spnego", in most of the cases the size of
the Spnego token will be less that < 4 KB however in case it goes over and
above 4KB, maxHtt
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
Michael Osipov changed:
What|Removed |Added
Status|NEEDINFO|NEW
--- Comment #15 from Michael
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #16 from Mark Thomas 2010-11-02 12:12:59 EDT ---
(In reply to comment #15)
> in my opinion all of these additional dependencies are superfluous. I wrote a
> SpnegoAuthenticator for our webapps in less than 300 lines of code. All
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #17 from Michael Osipov <1983-01...@gmx.net> 2010-11-21 15:58:39
EST ---
(In reply to comment #16)
> (In reply to comment #15)
> > in my opinion all of these additional dependencies are superfluous. I wrote
> > a
> > SpnegoAuth
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
Michael Osipov <1983-01...@gmx.net> changed:
What|Removed |Added
CC||1983-01...@gmx
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #18 from Mark Thomas 2011-03-16 08:51:21 EDT ---
(In reply to comment #17)
> This is weird, I wasn't notified about your comment..Do you want me to attach
> the maven project? What license do you prefer, ASL?
Sorry for the slow
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #19 from Michael Osipov <1983-01...@gmx.net> 2011-03-23 05:21:42
EDT ---
Created an attachment (id=26792)
--> (https://issues.apache.org/bugzilla/attachment.cgi?id=26792)
Complete SPNEGO Authenticator and Active Directory Realm
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #20 from Mark Thomas 2011-03-23 05:34:51 EDT ---
I haven't look at this yet but I just wanted to say thank you and let you know
this is on the radar. Personally, I'm snowed under with other stuff at the
minute but I will get to
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #21 from Mark Thomas 2011-03-25 13:59:58 EDT ---
I'm looking at this now and currently trying to figure out the additional
configuration required (JAAS, keytab, etc). Any notes you can provide that
would save me from figuring st
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #22 from Michael Osipov <1983-01...@gmx.net> 2011-03-25 15:07:45
EDT ---
(In reply to comment #21)
> I'm looking at this now and currently trying to figure out the additional
> configuration required (JAAS, keytab, etc). Any not
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #23 from Mark Thomas 2011-03-25 15:18:08 EDT ---
Doh. I missed the javadoc completely. My bad. I'll take a look over the weekend
and get back to you.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=e
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #24 from Mark Thomas 2011-03-26 13:24:23 EDT ---
Having reviewed the Javadoc, there still appears to be a lot of information
missing/assumed. The Geronimo notes from comment #12 appear to cover many of
the missing steps. I plan
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #25 from Michael Osipov <1983-01...@gmx.net> 2011-03-26 13:48:00
EDT ---
(In reply to comment #24)
> Having reviewed the Javadoc, there still appears to be a lot of information
> missing/assumed. The Geronimo notes from comment
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #26 from Michael Osipov <1983-01...@gmx.net> 2011-03-28 04:40:34
EDT ---
Mark,
here's what you need to make it run:
I expect you/someone to have an already working AD environment where the server
with tomcat running is registe
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #27 from Mark Thomas 2011-03-28 08:01:05 EDT ---
I'd managed to work out the system properties. I currently suspect issues with
my jaas.conf and/or krb5.conf or possibly the keytab file. Samples of those
would help although I am
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #28 from Michael Osipov <1983-01...@gmx.net> 2011-03-30 04:12:28
EDT ---
Created an attachment (id=26814)
--> (https://issues.apache.org/bugzilla/attachment.cgi?id=26814)
krb5.conf
This is a sample Kerberos 5 conf file with mu
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #29 from Michael Osipov <1983-01...@gmx.net> 2011-03-30 04:14:09
EDT ---
Created an attachment (id=26815)
--> (https://issues.apache.org/bugzilla/attachment.cgi?id=26815)
jaas.conf
this jaas.conf contains two login modules. Th
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #30 from Michael Osipov <1983-01...@gmx.net> 2011-03-30 04:15:38
EDT ---
Mark,
I have attached some sample config files to make it run. This solution
uses a keytab to validate tickets.
I am aware of the Spring way, we use that
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #31 from Mark Thomas 2011-03-30 07:01:50 EDT ---
(In reply to comment #30)
> I have attached some sample config files to make it run. This solution
> uses a keytab to validate tickets.
Thanks. It was the jaas.conf that I hadn't
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #32 from Michael Osipov <1983-01...@gmx.net> 2011-03-30 14:08:52
EDT ---
(In reply to comment #31)
> (In reply to comment #30)
> > I am aware of the Spring way, we use that Sec Extension also but I don't
> > like that because of
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #33 from Michael Osipov <1983-01...@gmx.net> 2011-03-30 14:11:08
EDT ---
Sorry for the spelling, I was to hasty with the 'commit' button.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
---
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #34 from Michael Osipov <1983-01...@gmx.net> 2011-03-30 14:19:55
EDT ---
These docs are fine:
http://wiki.alfresco.com/wiki/Configuring_the_CIFS_and_web_servers_for_Kerberos/AD_integration
http://www-01.ibm.com/support/docview.
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #35 from Michael Osipov <1983-01...@gmx.net> 2011-03-30 14:29:33
EDT ---
Sorry for spamming again.
We run mixed environments with Windows Server 2003 and 2008, both serve as KDC.
Server code works on Windows XP and HP-UX flawle
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
Mark Thomas changed:
What|Removed |Added
Status|NEW |RESOLVED
Resolution|
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #37 from Michael Osipov <1983-01...@gmx.net> 2011-04-01 04:59:26
EDT ---
Mark, I tried to build the current trunk to validate the code and mark some
improvements but I fails with:
build-docs:
[xslt] Transforming into
E:\Pr
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #38 from Mark Thomas 2011-04-01 05:07:36 EDT ---
Looks like you have a build environment problem. It builds fine for me and the
multiple CI systems (buildbot and gump) that build this codebase. The users
list is the best place t
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #39 from Michael Osipov <1983-01...@gmx.net> 2011-04-01 05:46:38
EDT ---
(In reply to comment #38)
> Looks like you have a build environment problem. It builds fine for me and the
> multiple CI systems (buildbot and gump) that b
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #40 from Michael Osipov <1983-01...@gmx.net> 2011-04-01 07:10:15
EDT ---
Mark,
there are some glitches which have to be addressed in my opinion:
Constants.java:
- DEFAULT_SPN_CLASS is never used, forgot to delete?
- DEFAULT_KR
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #41 from Mark Thomas 2011-04-01 07:30:16 EDT ---
(In reply to comment #40)
> - DEFAULT_SPN_CLASS is never used, forgot to delete?
Fixed
> - DEFAULT_KRB5_CONF value: .ini is Windows style, on Unix is krb5.conf only. I
> would st
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #42 from Michael Osipov <1983-01...@gmx.net> 2011-04-01 08:41:22
EDT ---
Mark,
I just compiled and deployed 7.0.12-dev to our test server. It works but fails
at some point.
The default server.xml is configured with:
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #43 from Michael Osipov <1983-01...@gmx.net> 2011-04-01 08:47:46
EDT ---
(In reply to comment #41)
> (In reply to comment #40)
> > - DEFAULT_SPN_CLASS is never used, forgot to delete?
> Fixed
>
> > - DEFAULT_KRB5_CONF value: .i
https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
--- Comment #44 from Michael Osipov <1983-01...@gmx.net> 2011-04-01 08:49:08
EDT ---
(In reply to comment #43)
> I disagree again because abstraction is not missing and not everyone uses an
> Oracle JVM.
Should read: I disagree again becau
47 matches
Mail list logo
