On 27 May 2010, at 00:06, Timothy Taylor <securityaddi...@hotmail.com> wrote:
> Hi, > Just a dumb question from a newbe but if I implement any type of > security with TC then under what identity will the invoked WS stack > object execute the request? Specifically, if I enable Kerberos > authentication between the requesting application and TC does this > guarantee the WS stack executes the requestor's request under the > identity of the actual originating requestor? > Much appreciated, Tim. Tomcat doesn't know what the app is doing. If you've implemented container based security then any client must authenticate via the relevant mechanism before requests are executed. If the web services stack uses the current user principal (and roles) somehow, then Tomcat will apply constraints accordingly. Tomcat does not propagate auth info on in-app filesystem access, for example. p > The New Busy think 9 to 5 is a cute idea. Combine multiple calendars > with Hotmail. Get busy. > _________________________________________________________________ > Hotmail is redefining busy with tools for the New Busy. Get more > from your inbox. > http://www.windowslive.com/campaign/thenewbusy?ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_2 --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org