Re: JNDI Authentication

Tue, 04 Aug 2009 05:50:10 -0700 

http://java.sun.com/products/jndi/tutorial/ldap/security/auth.html
http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html#JNDIRealm

authentication
A string specifying the type of authentication to use. "none", "simple", "strong" or a provider specific definition can be used. If no value is given the providers default is used. 

By default - authentication is null so the code is not called.

-Tim

Geofrey Rainey wrote:

Im sorry, I don't understand your response.

I'm writing a Login Module to auth against an active directory server
and know the authentication type is specified by:

Context.SECURITY_AUTHENTICATION

(Which can be something like "simple", for clear text, or SASL, etc)

Presumably the JNDIRealm sets this variable and I'm wondering what it
is. In the Tomcat source code, I can see the following (JNDIRealm.java),
but don't know what the "authentication" is defined as?

if (authentication != null)
            env.put(Context.SECURITY_AUTHENTICATION, authentication);



-----Original Message-----
From: Tim Funk [mailto:funk...@apache.org] Sent: Tuesday, 4 August 2009 11:55 p.m. 
To: Tomcat Users List
Subject: Re: JNDI Authentication

JNDIRealm is based on communicating to an LDAP server. (Which is one way

AD can communicate)

-Tim

Geofrey Rainey wrote:

Does anyone know what type of authentication Tomcat uses by default to
authenticate to an AD server using the JNDIRealm?


(I haven't specified any particular authentication type on either the
server (AD), or the client (Tomcat 6.0), it's working fine but I'm
wondering

If it's using SASL).


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

==========================================================
For more information on the Television New Zealand Group, visit us
online at tvnz.co.nz ========================================================== 
CAUTION:  This e-mail and any attachment(s) contain information that
is intended to be read only by the named recipient(s).  This information
is not to be used or stored by any other person and/or organisation.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org





---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to