> From: Brian Bitteker [mailto:[EMAIL PROTECTED] > Suspicions: > Possibly the redirection of the user with the > isapi_redirect.dll is the > issue. Credentials are not handed off from IIS to Tomcat.
I assume (I didn't see you state, but may have misread) you're using IIS to authenticate against Active Directory, then expecting Tomcat to pick up the credentials? If so, I think you're right that the credentials aren't passed down the line to Tomcat's declarative security. One way round this might be to turn off authentication in IIS and let Tomcat do it, using AD via LDAP. Are there reasons you can't do this, for example because you have other secured resources being served through IIS or because you want single sign-on for IIS and Tomcat apps? - Peter --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]