Re: JAAS and Datasources

2004-02-23 Thread Adam Hardy
On 02/23/2004 08:45 PM Dan Thiffault wrote:
> Hello,
> I am trying to transition my company's internal applications from 
> IIS contained ASP pages to jsp pages using struts on tomcat.  Currently 
> we are using tomcat 4 but we could easily be swayed to switching to 
> version 5 as we are just in the beginning stages of development.  
> Currently our internal web apps are secured using integrated windows 
> authentication.  We have a custom component to check user roles in 
> active directory.  Connections to our sql db are handled using a 
> component which runs under fixed permissions.  With our new setup we 
> would like to continue using windows integrated authentication. We 
> already have a form based login working with active directory.  
> Secondly, but more importantly, after authenticating the user as valid 
> for the particular resource, we would like to use their credentials to 
> log on to our MS SQL server, which we currently have using mixed mode 
> authentication. I've searched through a number of web sites but I feel a 
> little lost as to where to begin.  My best guess is that we want to use 
> JAAS with Kerberos 5 for authenticating but I'm not sure once a user is 
> authenticated within an app how that would be applied to a datasource's 
> credentials.  Is the db connection made using a JAAS run as?

Hi Dan
I've no experience with the windows security module but I know that a 
tomcat realm can be configured to use it - check the jakarta website 
under 'realms' :)

That's not a JAAS solution though. When writing your own JAAS module, 
you could easily just use the tomcat win realm code.

I have even less idea about the MSSQL login. If you have to do it at the 
same time as the realm login, then you will have to go with JAAS. Doing 
the webserver and db logins separately will be tricky, since it is not 
easy to access the user's session when logging them in, nor later to get 
any more than the username and roles of the user. Yet surely you will be 
using connection pooling? That conflicts with your DB security, methinks.

Adam
--
struts 1.1 + tomcat 5.0.16 + java 1.4.2
Linux 2.4.20 Debian
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


JAAS and Datasources

2004-02-23 Thread Dan Thiffault
Hello,
I am trying to transition my company's internal applications from IIS 
contained ASP pages to jsp pages using struts on tomcat.  Currently we 
are using tomcat 4 but we could easily be swayed to switching to 
version 5 as we are just in the beginning stages of development.  
Currently our internal web apps are secured using integrated windows 
authentication.  We have a custom component to check user roles in 
active directory.  Connections to our sql db are handled using a 
component which runs under fixed permissions.  With our new setup we 
would like to continue using windows integrated authentication. We 
already have a form based login working with active directory.  
Secondly, but more importantly, after authenticating the user as valid 
for the particular resource, we would like to use their credentials to 
log on to our MS SQL server, which we currently have using mixed mode 
authentication. I've searched through a number of web sites but I feel 
a little lost as to where to begin.  My best guess is that we want to 
use JAAS with Kerberos 5 for authenticating but I'm not sure once a 
user is authenticated within an app how that would be applied to a 
datasource's credentials.  Is the db connection made using a JAAS run 
as?

Thank you for any direction, ideas, or sample code.

-Dan T 
