> From: Brian Bitteker [mailto:[EMAIL PROTECTED]
> Suspicions:
> Possibly the redirection of the user with the
> isapi_redirect.dll is the
> issue. Credentials are not handed off from IIS to Tomcat.
I assume (I didn't see you state, but may have misread) you're using IIS
to authenticate against Active Directory, then expecting Tomcat to pick
up the credentials? If so, I think you're right that the credentials
aren't passed down the line to Tomcat's declarative security.
One way round this might be to turn off authentication in IIS and let
Tomcat do it, using AD via LDAP. Are there reasons you can't do this,
for example because you have other secured resources being served
through IIS or because you want single sign-on for IIS and Tomcat apps?
- Peter
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
