[jcifs] Kerberos login for Tomcat

[Yannick]

Have a look at that thread
http://www.arcknowledge.com/gmane.comp.apache.mod-auth-kerb.general/2005-11/msg00005.html

I remember that at the time I used mod rewrite in apache to pass the 
remote user to tomcat. I don't have the details anymore since we 
abandonned this solution for JCIFS. I never looked at implementing a 
Kerberos solution in Java since all the hard (And good) work was already 
done in mod_auth_kerb.

The solution with Apache with mod_auth_kerb and mod_rewrite with tomcat 
DID work though. The only thing after that was to catch the remote user 
from the HTTP header.

We went for JCIFS because it offered more flexibility. In our case we 
wanted to be able to filter some users to go through Kerberos or not. 
This involved having two apache servers and to put an IP filtering. It 
was deemed to be too expensive in maintenance. In your case it might be 
just what you need.

Regards
Yannick

www005531 wrote:

> But how to retrieve credential from Apache to Tomcat apps?
> Probably Apache provide only secure container to Tomcat...
>
> Don't you know how to implement pure java Kerberos filter? I have big 
> problem:(
>
> Regards, Andrew
>
>
> ----- Original Message ----- From: "Yannick" <yannick at smellyfrog.com>
> To: "Andrew" <www005531 at gazeta.pl>
> Cc: <jcifs at lists.samba.org>
> Sent: Thursday, March 29, 2007 3:58 PM
> Subject: Re: [jcifs] Kerberos login for Tomcat
>
>
>> There is a module for Kerberos authentication with Apache. I suppose 
>> you have apache in front of tomcat.
>> I don't remember exactly what was involved to make it work, but I 
>> remember I had that working on Windows 2003.
>>
>> Yannick
>>
>> Andrew wrote:
>>
>>> Hello,
>>>
>>> I have to develop a Kerberos login for Tomcat to authenticate users 
>>> of my web application using Active Directory".
>>> JCIFS works only on NTLM.
>>> Have you got any ideas?
>>>
>>> Regards
>>> Andrew
>>>
>>>
>>>
>>>
>>
>>
>>
>
>