-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 André,
On 1/29/13 4:19 AM, André Warnier wrote: > Christopher Schultz wrote: >> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 >> >> André, >> >> On 1/28/13 12:32 PM, André Warnier wrote: >>> Christopher Schultz wrote: >>>> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 >>>> >>>> Chris, >>>> >>>> On 1/28/13 7:47 AM, chris derham wrote: >>>>>> 1) All 3 applications are browser compatible and users >>>>>> may use other then IE hence IE alone can be ruled out >>>>> Do you mean "multiple browsers access these web >>>>> applications, so we can't use anything that is IE >>>>> specific"? Assuming that you do, I don't believe that >>>>> anybody suggested anything that is IE specific, e.g. the >>>>> SSO solutions so far posted will work in other browsers as >>>>> well. Can you elaborate on what you mean exactly please? >>>> I think auto-forwarding credentials from the client system >>>> through the browser generally requires MSIE. I've never done >>>> anything like that and have no idea what I'm talking about, >>>> so I may be completely wrong. >>>> >>> You are. Firefox supports "Windows Integrated Authentication" >>> fine too, and I believe most usual current browsers do. >> >> Do you need a plug-in or anything like that? Does it need to be >> specifically enabled? >> > > This may provide more details : > http://markmonica.com/2007/11/20/firefox-and-integrated-windows-authentication/ > > or search Google for : windows integrated authentication support > in firefox > > I am using currently Firefox v 17.0.1, and it seems to do fine > right out of the box. By default, Firefox will prompt for id/pw in > a dialog box anyway, even for WIA. But you can change this > specifically for a list of sites, for which no prompt will be > issued. (That's all under Windows of course). Does that mean that Tomcat treats WIA similar to HTTP BASIC (or maybe DIGEST) unless you've approved a particular domain/host? That's interesting. Can you just enter anything you'd like? For instance, can I authenticate to a server that is expecting WIA from a Linux workstation just by entering my domain credentials into the dialog? That certainly sounds nice: the Microsoft Windows crowd doesn't have to authenticate (explicitly, that is... their credentials are that they are currently logged-into a machine on the network) but everyone else can also get in. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEAREIAAYFAlEIA1kACgkQ9CaO5/Lv0PBipACePGDkZmoUz7G6KSuPlw/gvI0t PzkAn08vYiDxbbOeJziPp/lLwyMpawh5 =kWQJ -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
