User authentication and Intranet single sign on

[Robert Lamping <ro...@logicacmg.com>]

Dear all,

For our Struts application we are looking for a single sign on solution.
(Sign on in the network, NOT single-sign on in Tomcat)
With much interest I followed the thread about user-authentication by
Caroline Jen, Gregg and finally the examples of Matt Raible.

I tried the code and it works. We use FORM based authentication now and this
is a good alternative when testing authorization in our web application for
user with different authorization.
We are using Tomcat (Jakarta-Tomcat 4.1.27 with hotfix 22096). and defined a
realm to our user, user roles database. 

For the production environment we are looking for the following:
Users login into the network with their own username and password. I am
looking for a way to grab this username and authenticate this user "under
water" in Tomcat or using some other means, e.g. a filter, using the realm
"user/userroles-database"
 
The result should be that the user only gets a login denied screen when he
is not authorized. 

What is the easiest way to do this? 

Another approach:
We tried to use jcifs, but then the FORM based authentication of the
container does not work. 
When using jcifs, the request.isUserInRole() does not work. Does someone has
example code to solve this?

Hope you can help.

Kind regards,

Robert Lamping






---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org