Marcus,
Thanks for your response. Let me elaborate on 1st question -
Need to authenticate users either using NTLM or SSL based on whether is user
in domain or not. Can we implement our own auth-method in login-config in
web.xml ? Part of the requirement is to make shared/single-sign-on across
web applications.
Ravi
Marcus Williford wrote:
>
> Ravi,
>
> I'll try to help:
>
> 1. You could enforce the request.isSecure() along with a header check in
> your servlet and redirect to a secure port. Perhaps you could also do
> this
> in a filter, check the header, then check to see if secure. I'm not sure
> I
> understood your question completely, but I hope this helps.
>
> 2. I've recently used a custom Realm by extending RealmBase, then placing
> that realm in the server/lib directory in jar format. Then simply create
> a
> Realm entry in your server.xml file to your new Realm. Put your SSO login
> in the Custom Realm. I'm sure this isn't the only way, but it is the
> first
> thing that comes to mind.
>
> Let me know if you need help with either of those ideas.
>
> Marcus
>
> On 11/20/06, Ravi116 <ravi.varanasi@(protected):
>>
>>
>> 1. Can we implement NTLM or SSL authentication based on some HTTP header
>> value ?
>> 2. How do we implement an authorization model with single-sign on ?
>> Realms
>> ?
>>
>> Ravi
>> --
>> View this message in context:
>> http://www.nabble.com/Custom-Authentication-tf2670458.html#a7446639
>> Sent from the Tomcat - User mailing list archive at Nabble.com.
>>
>>
>> ---------------------------------------------------------------------
>> To start a new topic, e-mail: users@(protected)
>> To unsubscribe, e-mail: users-unsubscribe@(protected)
>> For additional commands, e-mail: users-help@(protected)
>>
>>
>
>
--
Sent from the Tomcat - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To start a new topic, e-mail: users@(protected)
To unsubscribe, e-mail: users-unsubscribe@(protected)
For additional commands, e-mail: users-help@(protected)
