oh...@cox.net wrote:
---- "André Warnier" <a...@ice-sa.com> wrote:
oh...@cox.net wrote:
---- "André Warnier" <a...@ice-sa.com> wrote:
oh...@cox.net wrote:
Now let me ask another question :
Why do you need to authenticate the user at the Apache level, and pass this user-id to
Tomcat ?
Obviously, from the OAM documentation I scanned, there must exist an OAM module directly
for Tomcat, to authenticate users there. Why are you not using that ?
It seems like they should have one, but, unfortunately, they don't.
Mmm. Browsing the documentation, I seem to remember seeing something about
Weblogic, no ?
Is that not usable ?
(As an aside, send your messages only to the list. I get all messages to the list anyway,
so if you send them to me too, I get them twice).
Hi,
Sorry about the emails.
Yes, they do support integrating with WebLogic, and we do use that for other
cases, but that's probably a bit off-topic here.
We don't mind the competition here. Keeps us on our toes.
Just kidding.
What I meant to ask (me being the not-so-Java specialist see) was, since Weblogic is a
servlet engine, and Tomcat is a servlet engine, both ought to abide by the servlet spec
and such, so isn't the Weblogic-oriented module usable with Tomcat ?
Or is this too much of a rosy view of the world ?
Anyway, the only other thing that comes to mind is, since you seem to be an OAM customer,
can you not ask the OAM support people if OAM sets the internal Apache user-id or not ?
Hi,
I'll answer the last question first: We have asked, but they don't support
integration with Tomcat out-of-the-box. That was why I've been looking into it
for our organization.
Ok. But the question here is different : you are not asking if they support
Tomcat.
What you are asking is if OAM can set the Apache internal user-id, once the user is
authenticated by OAM.
The situation is the same as if you had to support, say, some legacy Apache-based
application, and this Apache-based application needs the user-id, and it normally gets it
from Apache.
For example, imagine that your organisation has some pre-existing content-management
system based on Apache and Perl. Now you purchase OAM as a global SSO mechanism, and you
want to use OAM to authenticate the users for your content-management application. For
that, the easiest way is for OAM to just set the Apache user-id, because then you don't
have to change anything to your existing application.
Re. your 1st question, yes, WebLogic is J2EE, but the integration that Oracle
has with WebLogic is based on providers that leverage the (old) WebLogic/BEA
security framework, which is/was proprietary to WebLogic, so those providers
are not compatible with or usable with anything other than WebLogic.
The situation is similar to Tomcat and valves I guess, i.e., Tomcat is J2EE
compliant (for JSPs, servlets, etc., but valves are "proprietary'' to Tomcat.
Jim
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
