Hi there
If anyone is interested, I've written a Realm class that uses Andy Armstrong's Tagish JAAS NT Login Module to authenticate users against NT domains, assigning them Roles based on their NT Group membership.
The catch is that while the code works if I run it from my own main() method, I start getting native code errors when plugged into Tomcat as a Realm.
If anyone has the time/interest/need to try and fix this, I'm think this would be useful to a lot of Tomcat developers. Andy suspects it might be a bug in some of his code, but if anyone can find another reason and fix it, that would be great!
You can specify a default Domain to use for authentication in server.xml as below:
<Realm className="com.wedgedpig.catalina.realm.NTRealm" domain="CORPORATE" />
You will need JAAS and the Tagish classes (and the Tagish NT DLL installed in java.library.path) for this to work. Check out http://free.tagish.net . Using 4.0.4 I put all the Java classes in tc4.0\server\classes and it worked fine. You will also need to specify
-Djava.security.auth.login.config=location_of_jaas_config_file
to the JVM that runs Tomcat. You can do this by setting JAVA_OPTS environment variable to the above string before running the catalina.bat batch file.
cheers
Rory Douglas
Sun Chemical Corporation
(201) 224-4600 x133
[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
TomcatNTPrincipal.java
Description: Binary data
NTRealm.java
Description: Binary data
ntrealm.config
Description: Binary data
-- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
