Stéphanie Cettou wrote:
Hi,
I use Tomcat 5.5.
I have a JSP application.
The login is implemented with database.
<Realm className="org.apache.catalina.realm.JDBCRealm" .....
I need to increase the security. I want that the user have only 3
retry for the login, the user must change the password every months, I
need a password policy (8 char, Maj and min,...).
How I can implement this?
I think to use active directory, but I can't manage user and passwords
directly with tomcat, or yes?
Hi Stéphanie.
Maybe as an alternative..
If you mention Active Directory, does that mean that all your Tomcat
users are working on MS Windows workstations, and login to a Windows
domain before they call up the browser and access your Tomcat-based
applications ?
I am asking because if that is the case, then there exist solutions
which would allow your users to not even have to login (to your Tomcat
applications), and will automatically use their Windows domain user-id
for Tomcat.
And the management of users and passwords is then left to the AD system,
and you get a Single-Sign-On solution at the same time.
This scenario may or may not fit your needs, but if it does, it may be a
big simplification for you.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
