Send reply to: Tomcat Users List <users@tomcat.apache.org>
Date sent: Sat, 12 Sep 2009 12:50:41 -0700 (PDT)
From: Derlei Luff <derlei...@yahoo.com>
Subject: Windwos Integrated Authentication using AD and Tomcat (no
prompt to
the users)
To: users@tomcat.apache.org
> Hi all,
>
> I´m new to Tomcat and normally work in a Microsoft Windows world.
> I´ve stumbled into a problem using Tomcat as a web server, that
> I´m sure there is a simple solution for though I can´t find it.
> I´m sure it works if I use a MS IIS server instead of a Tomcat
> server at least. I hope some of you more experienced users of Tomcat
> can either point me in the right direction or perhaps come up with the
> conclusion J My problem is: I have a running Active Directory which
> holds the users and groups. I have a Windows XP client, which is
> member of the Active Directory domain. If a users logs into the client
> using he´s username and password and then open Internet Explore I
> would like him to gain access to a web page hosted on the Tomcat
> server. The problem is that the Tomcat server shall validate the
> user´s Active Directory credentials and the credentials should be
> sent to Tomcat without user interaction. In other words I want
> "Windows Integrated Authentication" from the MS world, so that
> Internet Explore takes the users credentials and send them to the
> Tomcat server (Kerberos). So far I can only get this to work if
> Internet Explorer prompts the users for he´s credentials (Basic
> Authentication). In other words I want to archive this:
> · Users logs onto the Windows XP computer using
> he´s username and password · User opens Internet
> explorer and write the URL to the page hosted on the Tomcat server
> · Internet Explore sends the users username and
> password automatically to tomcat (Kerberos) · The
> Tomcat validates the user´s credentials and accepts the request.
> This is some form of Single Sign On and I know it works if I use IIS
> instead of Tomcat. I´ve found several guides on the net, but no one
> which tells me if this is possible or not. Hope some of you of you can
> point me in the right direction, but perhaps I have to use a third
> part application to archive this?? Thanks in advance, Derlei
>
>
>
http://wiki.apache.org/tomcat/FAQ/Windows#Q4
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
