Johnny Kewl wrote:
- Original Message - From: Propes, Barry L
[EMAIL PROTECTED]
To: Tomcat Users List users@tomcat.apache.org
Hi,
I am integrating two websites using single sign on. I have two sites
namely
aaa.com and bbb.com.
I enabled SingleSignOn valve in server.xml file,
Many thanks to all of you for responding to my problem.
I apologize, I hope I didnot mention my system architecture clearly. (As I
mentioned, it is an old application, which was developed 9 yrs ago, and no
documentation at all :-( )
I am accessing those applications like..
sridharmnj wrote:
Many thanks to all of you for responding to my problem.
I apologize, I hope I didnot mention my system architecture clearly. (As I
mentioned, it is an old application, which was developed 9 yrs ago, and no
documentation at all :-( )
I am accessing those applications like..
- Original Message -
From: sridharmnj [EMAIL PROTECTED]
To: users@tomcat.apache.org
Sent: Thursday, June 05, 2008 4:33 PM
Subject: Re: Single sign on issue with Tomcat and Apache
Many thanks to all of you for responding to my problem.
I apologize, I hope I didnot mention my system
sridharmnj wrote:
Many thanks to all of you for responding to my problem.
I apologize, I hope I didnot mention my system architecture clearly. (As I
mentioned, it is an old application, which was developed 9 yrs ago, and no
documentation at all :-( )
I am accessing those applications like..
Well, Johnny, we seem to agree..
Johnny Kewl wrote:
- Original Message - From: sridharmnj [EMAIL PROTECTED]
To: users@tomcat.apache.org
Sent: Thursday, June 05, 2008 4:33 PM
Subject: Re: Single sign on issue with Tomcat and Apache
Many thanks to all of you for responding to my
If there is no way to do this, what changes do you suggest?
except aaa changes.
Is it a better idea to move apache pages (bbb) into the tomcat (ccc)? (so
that there will be only tomcat authentication exists)
Thanks,
Sridhar
awarnier wrote:
Well, Johnny, we seem to agree..
Johnny Kewl
From: sridharmnj [mailto:[EMAIL PROTECTED]
Subject: Re: Single sign on issue with Tomcat and Apache
Is it a better idea to move apache pages (bbb) into the
tomcat (ccc)?
If you're not using httpd for anything other than serving static content, then
yes, get rid of it. Tomcat by itself does
sridharmnj wrote:
- there is only one Apache, and one Tomcat, on the same physical server
yes
- there are no Apache VirtualHosts (or there is only one), and there is
only one Tomcat Host section in server.xml
Apache virtualhost is there, and tomcat host is Host name=localhost...
- the
Many thanks!!
I am planning to follow the below approach only.
Or, leave Apache in-between, but have it pass all requests for bbb to
Tomcat also (like it does for aaa and ccc), and serve the static pages
from Tomcat, subject to basic authentication on Tomcat. This way, after
the first
- Original Message -
From: Propes, Barry L [EMAIL PROTECTED]
To: Tomcat Users List users@tomcat.apache.org
Hi,
I am integrating two websites using single sign on. I have two sites namely
aaa.com and bbb.com.
I enabled SingleSignOn valve in server.xml file, and trying to access
Hi.
I saw your ongoing discussion, and maybe I can contribute something, but
I need some more info before.
Here is what you explained before :
a) You have one site aaa.com to which users access this way :
user --- tomcat aaa.com
b) and another site bbb.com to
- Original Message -
From: André Warnier [EMAIL PROTECTED]
To: users@tomcat.apache.org
Cc: [EMAIL PROTECTED]
Sent: Thursday, June 05, 2008 1:06 AM
Subject: RE: Single sign on issue with Tomcat and Apache
Hi.
I saw your ongoing discussion, and maybe I can contribute something, but I
Johnny Kewl wrote:
- Original Message - From: André Warnier [EMAIL PROTECTED]
To: users@tomcat.apache.org
Cc: [EMAIL PROTECTED]
Sent: Thursday, June 05, 2008 1:06 AM
Subject: RE: Single sign on issue with Tomcat and Apache
Hi.
I saw your ongoing discussion, and maybe I can
- Original Message -
From: André Warnier [EMAIL PROTECTED]
To: Tomcat Users List users@tomcat.apache.org
Sent: Thursday, June 05, 2008 2:54 AM
Subject: Re: Single sign on issue with Tomcat and Apache
Johnny Kewl wrote:
- Original Message - From: André Warnier [EMAIL
Hi,
I am integrating two websites using single sign on. I have two sites namely
aaa.com and bbb.com.
When a user navigates from aaa.com, as he is already authenticated in it, he
should be allowed to bbb.com without asking the credentials again. This is
my requirement.
aaa.com is based on
what versions are you using? Of each?
-Original Message-
From: sridharmnj [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 03, 2008 3:52 PM
To: users@tomcat.apache.org
Subject: Single sign on issue with Tomcat and Apache
Hi,
I am integrating two websites using single sign on. I have two
Apache 2.0.50
Tomcat 5.0.27
Java 1.3.1
Propes, Barry L wrote:
what versions are you using? Of each?
-Original Message-
From: sridharmnj [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 03, 2008 3:52 PM
To: users@tomcat.apache.org
Subject: Single sign on issue with Tomcat and
and you're stuck on Java 1.3.1 and cannot go forward?
-Original Message-
From: sridharmnj [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 03, 2008 4:17 PM
To: users@tomcat.apache.org
Subject: RE: Single sign on issue with Tomcat and Apache
Apache 2.0.50
Tomcat 5.0.27
Java 1.3.1
I hope you did not observe the following lines from my post.
bbb.com is an old project which was developed around 9 yrs ago and I am
not allowed to modify/reengineer the architecture.
It is successfully running on those versions in production and client does
not want to upgrade versions for
I'll first admit that I've never used single sign-on, so most of this is
educated conjecture on my part. Hopefully it'll spark some discussion
in the right direction.
Your right -- jvm version is not going to make a difference with the
issue you are seeing. Plus upgrading the jvm may break
My understanding:
When server receives a request for a secured resource first time (depending
on url-pattern and security constraint settings in web.xml), first it asks
for credentials using dialog box if its BASIC authentication or login form
if its FORM authenticatin and performs
sridharmnj wrote:
My understanding:
When server receives a request for a secured resource first time (depending
on url-pattern and security constraint settings in web.xml), first it asks
for credentials using dialog box if its BASIC authentication or login form
if its FORM authenticatin and
I am really sorry if my explanation was confused you.
aaa.com - Deployed in Tomcat and using FORM authentication.
bbb.com - 1) Static data files are deployed in apache and Httpd .htaccess
is used for authentication.
2) Dynamic data files are deployed in Tomcat and BASIC
Following lines are from apache user guide.
(http://httpd.apache.org/docs/1.3/howto/auth.html#basicworks)
Because the HTTP protocol is stateless, each request will be treated in the
same way, even though they are from the same client. That is, every resource
which is requested from the server
With BASIC authentication, the credentials are stored in browser memory
for the life of the browser process whether that be minutes or days. It
won't ask again until it's closed and a new browser process started.
The browser requests a resource, the server comes back with either a 403
or 401
26 matches
Mail list logo