You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2010/02/10 11:41:40 UTC

DO NOT REPLY [Bug 46323] NTLM Authentication for Microsoft Active Directory controlled Intranet

https://issues.apache.org/bugzilla/show_bug.cgi?id=46323

--- Comment #2 from cdauth+issues.apache.org@cdauth.de 2010-02-10 02:41:37 UTC ---
So do I understand this right? This authenticator does not do any
authentication but only receives the user name on the user's computer?

If so, I am against including this in the Tomcat distribution, as people would
probably think that this would provide any security. Instead, we need an
authenticator that authorises against the Active Directory somehow and offers
fallback Basic authentication (like mod_ntlm for Apache does, for example).

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org