Hi, That is a possibility. How about this - adding a request header with the remote user?:
<Proxy http://127.0.0.1:20000/SOGo> ## adjust the following to your configuration RequestHeader set "x-webobjects-server-port" "443" RequestHeader set "x-webobjects-server-name" "myserver" RequestHeader set "x-webobjects-server-url" "https://myserver"; ## When using proxy-side autentication, you need to uncomment and ## adjust the following line: # RequestHeader set "x-webobjects-remote-user" "%{REMOTE_USER}e" RequestHeader set "x-webobjects-server-protocol" "HTTP/1.0" RequestHeader set "x-webobjects-remote-host" %{REMOTE_HOST}e env=REMOTE_HOST AddDefaultCharset UTF-8 Order allow,deny Allow from all </Proxy> Karl On 2011-11-21, at 2:43 PM, Henrique Gomes wrote: > > On Nov 21, 2011, at 8:34 AM, Karl wrote: > >> Hi, >> >> We have a client who wants to use NTLM authentication for our WOApp to >> provide single sign on for their Windows users. Has anyone actually done >> this before? >> >> We are hosting the app on Mac OS X 10.7 using Java 6 and Apache 2.x. >> >> Any information would be appreciated. >> >> Karl > > > The way I would do it (and will really soon for a project) is to have apache > handle the authentication of the user if the URL is something like /wa/login. > You could use the ntlm module for apache. > > Actually, since I never done in WO, that leads me to question how I would > retrieve the REMOTE_USER from the apache request? > > (Since windows domains are really kerberos, you could also use kerberos > authentication, you would need a HTTP/hostname principal created on the > windows kerberos server. There are mails about in on the archives) > > HG >
_______________________________________________ Do not post admin requests to the list. They will be ignored. Webobjects-dev mailing list ([email protected]) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/webobjects-dev/archive%40mail-archive.com This email sent to [email protected]
