I am looking into configuring SingleSignOn Kerberos authentication in a Tomcat application using SPNEGO authentication on a Apache2 frontend server. The fontend apache2 currently forwards all requests to Tomcat through mod_jk.
As I see there is an apache2 module for Kerberos authentication without user intervention, mod_spnego. However I am curious of knowing if it is possible using mod_spnego to forward the authenticated user/principal in a http header to Tomcat from Apache, in the mod_jk stream. The packaged Tomcat application requires an http header that containes the user. Also, will autentication take place before mod_jk forwards the request? If mod_jk acts before autentication there is no point in proceding with this. Has anyone had experience in this? /Cenk --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]