I have a related question since we recently implemented authentication to AD via LDAP in our Tomcat WebApp but it currently prompts the user for every new session, even if they are hitting the site from their windows workstation that is already authenticated to the domain.
Is there a way to do it that detects the user's current AD session and eliminates the need to prompt them, preferably browser (Chrome/FF/IE) independent? If so, it would be great! On Wed, Sep 19, 2012 at 5:06 PM, Christopher Schultz < ch...@christopherschultz.net> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Jen, > > On 9/19/12 5:52 PM, Mead, Jen L wrote: > > That was very insightful. All the documentation that I am looking > > into specifies apache as the application. Maybe, just maybe the > > server.xml file will contain what I need to move forward. The lack > > of documentation for what I am trying to do is frustrating. I am > > not even sure I can do it without loading apache with or instead of > > tomcat. Thanks for the info. > > Can you describe what you need to accomplish without specifically > referring to Apache httpd or Apache Tomcat? > > Something like: > > "We have a Java web application that needs to authentication against > Microsoft AD server, and there are no other moving parts required > unless we need them to support this configuration." > > The reason that I ask is that Tomcat (with some special support > libraries and configuration) can authenticate directly against > Microsoft AD and Apache httpd isn't necessary at all. If you /require/ > Apache httpd to perform the authentication, then we can tell you how > to do that, too. > > - -chris > -----BEGIN PGP SIGNATURE----- > Version: GnuPG/MacGPG2 v2.0.17 (Darwin) > Comment: GPGTools - http://gpgtools.org > Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ > > iEYEARECAAYFAlBaUA4ACgkQ9CaO5/Lv0PBlrACcChzrMo5ZRki1yGdFhxY8H+tZ > 6KMAn2AEND/wIIyFOoJDd1ZmfOwjHwsT > =javS > -----END PGP SIGNATURE----- > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > -- Jeff Vincent predato...@gmail.com See my LinkedIn profile at: http://www.linkedin.com/in/rjeffreyvincent I ♥ DropBox <http://db.tt/9O6LfBX> !!
