Posted to users@tomcat.apache.org by Ravi116 <ra...@countrywide.com> on 2006/11/20 18:30:12 UTC

Custom Authentication

1. Can we implement NTLM or SSL authentication based on some HTTP header
value?
2. How do we implement an authorization model with single sign-on? Realms?

Ravi
-- 
View this message in context: http://www.nabble.com/Custom-Authentication-tf2670458.html#a7446639
Sent from the Tomcat - User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Re: Custom Authentication

Posted by Ravi116 <ra...@countrywide.com>.
Marcus,
Thanks for your response. Let me elaborate on the 1st question -
Need to authenticate users using either NTLM or SSL, based on whether the user
is in the domain or not. Can we implement our own auth-method in login-config in
web.xml? Part of the requirement is to make shared/single sign-on across
web applications.
Ravi



Marcus Williford wrote:
> 
> Ravi,
> 
> I'll try to help:
> 
> 1.  You could enforce the request.isSecure() along with a header check in
> your servlet and redirect to a secure port.  Perhaps you could also do this
> in a filter, check the header, then check to see if secure.  I'm not sure I
> understood your question completely, but I hope this helps.
> 
> 2.  I've recently used a custom Realm by extending RealmBase, then placing
> that realm in the server/lib directory in jar format.  Then simply create a
> Realm entry in your server.xml file to your new Realm.  Put your SSO login
> in the Custom Realm.  I'm sure this isn't the only way, but it is the first
> thing that comes to mind.
> 
> Let me know if you need help with either of those ideas.
> 
> Marcus
> 
> On 11/20/06, Ravi116 <ra...@countrywide.com> wrote:
>>
>>
>> 1. Can we implement NTLM or SSL authentication based on some HTTP header
>> value?
>> 2. How do we implement an authorization model with single sign-on? Realms?
>>
>> Ravi
> 
> 



Re: Custom Authentication

Posted by Marcus Williford <mw...@gmail.com>.
Ravi,

I'll try to help:

1.  You could enforce the request.isSecure() along with a header check in
your servlet and redirect to a secure port.  Perhaps you could also do this
in a filter, check the header, then check to see if secure.  I'm not sure I
understood your question completely, but I hope this helps.

2.  I've recently used a custom Realm by extending RealmBase, then placing
that realm in the server/lib directory in jar format.  Then simply create a
Realm entry in your server.xml file to your new Realm.  Put your SSO login
in the Custom Realm.  I'm sure this isn't the only way, but it is the first
thing that comes to mind.

Let me know if you need help with either of those ideas.

Marcus

On 11/20/06, Ravi116 <ra...@countrywide.com> wrote:
>
>
> 1. Can we implement NTLM or SSL authentication based on some HTTP header
> value?
> 2. How do we implement an authorization model with single sign-on? Realms?
>
> Ravi
>
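
The filter suggested in point 1 of the reply above (check the header, then check request.isSecure(), then redirect to the secure port), written out as an added example that is not code from the thread. The class name, the X-Auth-Mode header and the secureHost/securePort init parameters are assumptions; it uses the javax.servlet API and treats the header only as a routing hint, since any client can set it.

```java
// Added example, not code from the thread. Header name and init-param
// names (secureHost, securePort) are hypothetical.
import java.io.IOException;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class SecureChannelFilter implements Filter {
    private static final String MODE_HEADER = "X-Auth-Mode"; // hypothetical header
    private String secureHost;
    private int securePort;

    public void init(FilterConfig cfg) throws ServletException {
        secureHost = cfg.getInitParameter("secureHost");
        String port = cfg.getInitParameter("securePort");
        if (secureHost == null || port == null) {
            throw new ServletException("secureHost and securePort are required");
        }
        securePort = Integer.parseInt(port);
    }

    public void doFilter(ServletRequest rq, ServletResponse rs, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) rq;
        HttpServletResponse res = (HttpServletResponse) rs;

        // The header is client-supplied: it selects a path, it never
        // proves who the user is. Real authentication happens downstream.
        boolean wantsSsl = "ssl".equalsIgnoreCase(req.getHeader(MODE_HEADER));
        if (!wantsSsl || req.isSecure()) {
            chain.doFilter(rq, rs);
            return;
        }
        // Only redirect safe methods; a POST body has already crossed in clear text.
        if (!"GET".equals(req.getMethod()) && !"HEAD".equals(req.getMethod())) {
            res.sendError(HttpServletResponse.SC_FORBIDDEN, "HTTPS required");
            return;
        }
        // Build the target from configuration, not from the request's Host header.
        StringBuilder target = new StringBuilder("https://").append(secureHost);
        if (securePort != 443) target.append(':').append(securePort);
        target.append(req.getRequestURI());
        if (req.getQueryString() != null) target.append('?').append(req.getQueryString());
        res.sendRedirect(target.toString());
    }

    public void destroy() { }
}
```

The filter would be mapped in web.xml with a filter-mapping ahead of the protected URL patterns; it only moves the request onto the secure connector and leaves the actual login to the container or the Realm.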