David kerber wrote:
On 7/14/2011 10:51 AM, David kerber wrote:
On 7/14/2011 10:45 AM, André Warnier wrote:
David kerber wrote:
...
Tomcat 7 has SPNEGO support, which might enable cross-server SSO, but
I'm speculating there.
I'll see if that might help; I've never heard of it.
That is the "the newly-released "authenticator Valve" (?) available in
Tomcat 7 " solution I was talking about.
David, getting the Windows user-id in Tomcat is quite complicated,
because Windows authentication is complicated.
Since you already have an IIS server involved, by far the easiest way is
my solution (1), which can be set up easily with an IIS-Tomcat connector
(the IIS-oriented version of mod_jk). See :
http://tomcat.apache.org/connectors-doc/webserver_howto/iis.html
Thanks; I'll take a look.
That reference has tomcat and IIS installed on the same machine. Is
that a requirement, or is there a way of configuring it with tc on a
different machine (actually a different subnet, in my case)?
Not a requirement at all. They could be in different countries, as long as the firewalls
allows IIS to set up a TCP connection with Tomcat.
Since you're new at this, a very quick ascii graphic schema :
browser <-- HTTP/TCP --> (IIS+Isapi_redirect) <-- AJP/TCP --> (AJP Connector +
Tomcat)
IIS+Isapi_Redirect decides which URLs get forwarded to Tomcat.
For IIS+Isapi_Redirect, each Tomcat back-end is called a "worker".
The webapp response comes back the same way.
To the browser, everything looks like it is IIS serving it.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
