Hi Scott, I'm not exactly an expert on this but I'm quite sure that if you strictly want to use NTLM...you do not need to this:
2> set the auth-method to CLIENT-CERT in the web.xml
unless ofcourse you are doing it because you want a secure channel between your IIS server and the tomcat instance which is (I think) a whole different game.
Cheers, - Pulkit On 8/22/06, Scott Shaver <[EMAIL PROTECTED]> wrote:
Okay I have Jboss set up on my machine with a simple one page web app that has an Active Directory security realm set up. I have another machine running IIS 5 with the isapi_redirect.dll installed as an ISAPI filter to redirect the requests to Tomcat on my machine. I can access the web app via IIS, get prompted for a user name and password, the app server validates me in the AD domain controller and send me the page; As long as 1> the auth-method in the web.xml is BASIC 2> the IIS web server has Anonymous Access turned on 3> Integrated Windows Security Authentication turned off To see what the configuration step are for this go to: http://www.scottshaver2000.com/forum/viewtopic.php?p=601#601 I now want to do the same thing but not have the user get prompted to login by having the app server use the NTLM headers that IE sends with the requests. So I thought I could do this: 1> turn Integrated Windows Authentication on for the IIS web site. 2> set the auth-method to CLIENT-CERT in the web.xml 3> set tomcatAuthentication="false" in the tomcat server.xml file However this doesn't work, does anyone have a clue what I should do next? Scott A. Shaver SPECIAL NOTICE All information transmitted hereby is intended only for the use of the addressee(s) named above and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution of confidential and privileged information is prohibited. If the reader of this message is not the intended recipient(s) or the employee or agent responsible for delivering the message to the intended recipient, you are hereby notified that you must not read this transmission and that disclosure, copying, printing, distribution or use of any of the information contained in or attached to this transmission is STRICTLY PROHIBITED. Anyone who receives confidential and privileged information in error should notify us immediately by telephone and mail the original message to us at the above address and destroy all copies. To the extent any portion of this communication contains public information, no such restrictions apply to that information. (gate01) --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
