https://issues.apache.org/bugzilla/show_bug.cgi?id=48685
Mark Thomas <ma...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
--- Comment #36 from Mark Thomas <ma...@apache.org> 2011-03-31 20:42:47 EDT ---
The final part of the Tomcat SPNEGO implementation has just been committed. It
is broadly based on Michael's patch.
The key features are:
- a new SPNEGO login-config for use in web.xml that supports Windows native
authentication via kerberos
- integration with all Tomcat Realms
- additional integration with the JNDI Realm that enabled the user's delegated
credentials to be used to connected to AD
- the user's delegated credentials are exposed via a request attribute so
applications can use then to impersonate the user when accessing external
services
The main differences compared to the original patch are:
- Use existing Base64 encoder/decoder rather than proposed one
- Integrate with the JNDI realm rather than a new one
- Use existing GenericPrincipal rather than proposed ones
- Documentation
This requires Java 6 so it won't get proposed for back-port to 6.0.x.
Bugs in this implementation and additional configuration / feature requests
should be raised as new Bugzilla issues against Tomcat 7.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
