Re: decouple authentication and authorization of TOMCAT

2009-09-17 Thread Christopher Schultz
John, On 9/16/2009 5:33 PM, John Chen wrote: > I think we will add the roles to AD and use AD to do the > authorization as well. Because of the naming convention applied in > the agency, we need to map the role defined in AD to the > security-role def

RE: decouple authentication and authorization of TOMCAT

2009-09-16 Thread John Chen
security-role-ref, but I have to go to each web.xml and add the information over there. Thanks John -Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: Wednesday, September 16, 2009 5:24 PM To: Tomcat Users List Subject: Re: decouple authentication and

Re: decouple authentication and authorization of TOMCAT

2009-09-16 Thread Christopher Schultz
André, On 9/14/2009 3:33 PM, André Warnier wrote: > John Chen wrote: >> Apache front-end will do the authentication, does tomcat still use >> tomcat-users.xml for the authorization part? > > I am not quite sure. I'm not sure which is the important pa

Re: decouple authentication and authorization of TOMCAT

2009-09-14 Thread André Warnier
John Chen wrote: Apache front-end will do the authentication, does tomcat still use tomcat-users.xml for the authorization part? I am not quite sure. I believe Tomcat's integrated AAA is pretty much an all-or-nothing proposition. But maybe, if the request is authenticated by Apache beforeha

RE: decouple authentication and authorization of TOMCAT

2009-09-14 Thread John Chen
authentication and authorization of TOMCAT John Chen wrote: ... > > I am also thinking using Apache Web Server to do the authentication and use > tomcat for authorization, do you think it would work? > With the Apache/mod_jk/Tomcat combination it can, certainly. There exists (I believe in the

Re: decouple authentication and authorization of TOMCAT

2009-09-14 Thread Pid
On 14/09/2009 17:40, André Warnier wrote: John Chen wrote: ... I am also thinking using Apache Web Server to do the authentication and use tomcat for authorization, do you think it would work? With the Apache/mod_jk/Tomcat combination it can, certainly. There exists (I believe in the element

Re: decouple authentication and authorization of TOMCAT

2009-09-14 Thread Peter Crowther
2009/9/14 John Chen > I am also thinking using Apache Web Server to do the authentication and use > tomcat for authorization, do you think it would work? > Most things can be made to work - "with sufficient thrust, pigs fly just fine". This approach was used for early Shibboleth implementations

RE: decouple authentication and authorization of TOMCAT

2009-09-14 Thread John Chen
: decouple authentication and authorization of TOMCAT John Chen wrote: > Hi, > > > > We have installed a third-party software running on tomcat. Is there > any way to decouple tomcat authentication and authorization? We have to > use AD for authentication and we are not encour

RE: decouple authentication and authorization of TOMCAT

2009-09-14 Thread John Chen
: Re: decouple authentication and authorization of TOMCAT 2009/9/14 John Chen > I am also thinking using Apache Web Server to do the authentication and use > tomcat for authorization, do you think it would work? > Most things can be made to work - "with sufficient thrust, pigs fly jus

Re: decouple authentication and authorization of TOMCAT

2009-09-14 Thread André Warnier
John Chen wrote: Hi, We have installed a third-party software running on tomcat. Is there any way to decouple tomcat authentication and authorization? We have to use AD for authentication and we are not encouraged to add groups to AD just for the new software. Any help would be appreciat

Re: decouple authentication and authorization of TOMCAT

2009-09-14 Thread André Warnier
John Chen wrote: ... I am also thinking using Apache Web Server to do the authentication and use tomcat for authorization, do you think it would work? With the Apache/mod_jk/Tomcat combination it can, certainly. There exists (I believe in the element of Tomcat), an attribute "tomcatAuthenti

decouple authentication and authorization of TOMCAT

2009-09-14 Thread John Chen
Hi, We have installed a third-party software running on tomcat. Is there any way to decouple tomcat authentication and authorization? We have to use AD for authentication and we are not encouraged to add groups to AD just for the new software. Any help would be appreciated. Thanks Jo