So to recap:
On windows server you have disabled Anonymous access. Only Domain users are to be allowed. Windows using IE and Linux using Firefox work. Mozilla and konqueror do not.
All of this with the browser hitting IIS on the front end.
If this is correct, then the issue is with the browser and windows authentication and Tomcat is not involved.
If you can't resolve this with the browsers then the realm model would be an option.
There is a link on the FAQ:
http://jcifs.samba.org/src/docs/ntlmhttpauth.html
This deals with NTLM and would serve your needs, but will require SSL for security. It allows Tomcat to talk to the AD for user lookup. If I read it correctly. You may wish to post a new thread about authentication with Tomcat against Windows if you don't find anything in the archives as I am sure someone has done this.
... so now I will have to maintain two user database? one Active Directory and one Realm?
Yes, if none of the other options listed will work for you.
Sorry that I haven't been able to assist you more.
Doug
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
