You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by David Boyer <Da...@bvu.edu> on 2002/12/30 20:09:28 UTC

problem: cannot use Tomcat's container managed security through ISAPI filter

I'm using "<security-constraint>" to restrict access to the manager and
other applications. I've had no trouble using both Memory and JNDI
realms when accessing through the Coyote HTTP/1.1 Connector, but not
when I use IIS and the isapi_redirector.dll (or isapi_redirector2.dll).
With the ISAPI filter, my login attempts are rejected and the Windows
security log suggests the attempts are going against the Windows domain
rather than the tomcat realm.
 
The isapi_redirector2.dll application log entries suggest something
called "jk2_service_iis_get_roles" in the ISAPI filter is attempting to
determine the role of the user rather than letting Tomcat do this. Is
there a way to use Tomcat's container managed security through the ISAPI
filter?
 
TIA!