On 4/20/2011 7:03 AM, dirweis wrote:
>
> Hi,
>
> I'm trying to use the Kerberos authentication on IIS for reading out the
> user's name.
>
> To make it even more complicated: I let a Tomcat run via IIS 6.0 on which a
> minimalistic servlet is running that does nothing but printing the user's
> name:
>
> out.print("Logged in as: " + request.getRemoteUser());
>
> Tomcat's already running fine via the IIS (port 8080 is no longer needed in
> the URL :-)
>
This makes no sense. Tomcat has nothing to do with IIS. It needs to do
it's own Kerberos authentication.
I've used Waffle to successfully authenticate a user. The above code is
not written in Java which is what it would need to be if you were doing
it from a Servlet. You need to use getUserPrincipal() from the
authentication object. The code looks something like this:
java.security.Principal principal = httpreq.getUserPrincipal();
if (principal != null)
userID = principal.getName();
where httpreq is an object of the class
javax.servlet.http.HttpServletRequest.
> For a simple testing my Windows 2003 server is all in one: Active Directory
> Domain Controller / DNS, IIS server, Tomcat server and client.
>
> For using Kerberos the following steps have been done:
>
> - Kerberos Network Identity Manager is running
>
> - I followed the howto on http://support.microsoft.com/kb/215383, section
> IIS 6.0
>
> - IIS Default Web Site security runs with disabled anonymous access and with
> checked option 'Integrated Windows authentication'
>
> Can you tell me what else is needed?
>
> Many thanks in advance for helpful answers!
>
> Cheers, Dirk
If the question is about IIS, ask Microsoft. If it's about Tomcat, see
above. They are not related. Each server needs to do it's own
authentication.
Danny
________________________________________________
Kerberos mailing list [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos
