Hi list.
I have (re-)gone through the Tomcat 7 on-line documentation regarding Windows Domain
authentication (variously designated in different places with acronyms such as WIA,
SPNEGO, AD Authentication, with some additional sub-levels of NTLM (v1 and v2) and
Kerberos), without finding ever a clear response to this question :
Which of the Valves, methods, third-party libraries etc. work for a Tomcat Linux host as
well as for a Tomcat Windows host ?
From the on-line documentation to be found on either the Tomcat site or on the Waffle page
or on the "SPNEGO project at SourceForge", it is *not clear at all* if any of these work
on a Tomcat Linux host "out of the box" or if they require additional software.
For example, the examples given for the SPNEGO Valve all refer only to a Tomcat hosted on
a Windows machine; other parts mention that the Tomcat host has to be "joined to the
Windows Domain" - which to my knowledge under Linux would require at least Samba; other
parts (Waffle) talk about using a native Windows library (which seems to imply that Tomcat
is running on a Windows host). Maybe I am misunderstanding some of this, but none of the
above clearly say either "yes, it works under Linux" or "no, it doesn't".
Is there any way to get some clarification on this ?
I know that this is not easy to provide for any of the Tomcat committers or helpers on
this list, because it requires a Linux Tomcat host with access to one or several Windows
Domains, and the time to evaluate the various options. (It is not any easier for me,
which is why I am asking.)
But it seems to me that the documentation available at this point on the Tomcat site is
unclear and - if some of these options do /not/ work under Linux - may cause people to
lose a significant amount of time trying dead-ends.
I'll start the ball rolling : by personal experience, I do know that the third-party
(commercial) Jespa library works in both cases (Tomcat hosted on Linux or Windows), with
exactly the same configuration procedure, that it does not need any other external
component or circumstance (apart from the free cifs.jar library from the Samba project),
that it has a good and clear documentation, and that one can download it and test it for
60 days for free. On the other hand, it is not a <Realm>, it is not a <Valve>, it is a
Servlet Filter.
Can anyone provide similar clarification on the other options listed on the
Tomcat website ?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
