Integrated Windows Authentication for TomCat 7

[Clinton Breed <cl...@lonrho.com>]

Good day All

We are running a web app named n-able Helpdesk Manager via TomCat 7 on a Windows Server 2008.
The Tomcat gets installed via the n-able helpdesk installation. I have been assigned a task to get the Helpdesk Webapp to login automatically gathering the information from the windows login. (automatic LDAP authentication)
I have done some research and found out that it is possible to integrate the windows authentication  through Tomcat (SPNEGO), but my question is, how to I get past the Login on the Webapp (n-able Helpdesk)
The authentication options I have on n-able Helpdesk is:

n-able Help Desk Manager (Where you create user login details)
CAS 2.0
SAML 2.0
Servlet Authentication
HTTP Header
HTTP form value

I have little experience in regards with the above authentication aswell as tomcat, proper guidance will be appreciated. Please feel free to ask for more information if you need it.

Thanks,

Clinton Breed
Systems Analyst
Lonrho Group
Corner of Webb and Jones Roads
Jet Park
Boksburg,
Johannesburg1459
South Africa
Tel: +27 11 571 9869
clinton.breed@lonrho.com
www.lonrho.com
Lonrho Group
 Please consider the Environment before printing this email
This e-mail (and any attachment) is strictly confidential and intended solely for the ordinary use of the e-mail address to which it was addressed. It may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, please notify the sender by e-mail or telephone +44 (0) 207 016 5105, quoting the name of the sender and the e-mail address to which it has been sent, then delete it. The unauthorised use, disclosure, distribution and/or copying of this e-mail or any information it contains is strictly prohibited and could, in certain circumstances, constitute a criminal offence. Please note that neither Lonrho nor the sender accepts any responsibility for viruses and it is your responsibility to scan or otherwise check this e-mail and any attachments.

The contents of this e-mail message and any attachments to it are written for and on behalf of the Lonrho Group company to which the subject matter expressly relates and no other company. No employee, agent, consultant or other representative of a Lonrho Group company is authorised to conclude any binding agreement on behalf of a Lonrho Group company without express written confirmation of the board of directors of the relevant Lonrho Group company. The Lonrho Group of companies accepts no liability for the content of this email or for the consequences of any actions taken on the basis of the information provided unless that information is subsequently confirmed in writing as specified above. A list of the Lonrho Group of companies is available for inspection at the registered office of Lonrho. Lonrho is registered in England & Wales under Company Number 02805337 and its registered office address is 2nd Floor, 25 Berkeley Square, London W1J 6HB.

Re: Integrated Windows Authentication for TomCat 7

[Mark Thomas <ma...@apache.org>]

On 25/05/2016 07:02, Clinton Breed wrote:
> Good day All
> 
> We are running a web app named n-able Helpdesk Manager via TomCat 7 on a
> Windows Server 2008.
> 
> The Tomcat gets installed via the n-able helpdesk installation. I have
> been assigned a task to get the Helpdesk Webapp to login automatically
> gathering the information from the windows login. (automatic LDAP
> authentication)
> 
> I have done some research and found out that it is possible to integrate
> the windows authentication  through Tomcat (SPNEGO), but my question is,
> how to I get past the Login on the Webapp (n-able Helpdesk)
> 
> The authentication options I have on n-able Helpdesk is:
> 
> n-able Help Desk Manager (Where you create user login details)
> 
> CAS 2.0
> 
> SAML 2.0
> 
> Servlet Authentication

I'd guess this is the option you need.

I'd start with a simple web application and make sure that SPNEGO is
working correctly. A JSP that displays the current value of
HttpServletRequest.getRemoteUser() with an appropriate security
constraint should be enough to test with.

Mark


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org