Hi,
I'm working on a stateless application which does not create an http session.
This application has a standard security constraint requesting basic
authentication on all resources.
Tomcat is configured using a standard JNDIRealm to authenticate against Active
Directory. Authentication and
Frédéric Poliquin wrote:
Hi,
I'm working on a stateless application which does not create an http session.
This application has a standard security constraint requesting basic
authentication on all resources.
Tomcat is configured using a standard JNDIRealm to authenticate against Active
The goal is to have a friendly cloud and cluster application. By removing all
sessions, I can shut down any node at any time. It is mostly a JavaScript
application relying on REST services.
-
To unsubscribe, e-mail:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Frédéric,
On 4/22/14, 9:29 AM, Frédéric Poliquin wrote:
Hi,
I'm working on a stateless application which does not create an
http session. This application has a standard security constraint
requesting basic authentication on all resources.
What if you disable authentication entirely as a test... do things
speed-up? Answer is YES
Do you have a problem only under load or also when you are testing a
single-user? Single user
What I did is to put Tomcat behind an Apache Server which solved my problem.
Maybe it could be a good new
Frédéric Poliquin wrote:
What if you disable authentication entirely as a test... do things
speed-up? Answer is YES
Do you have a problem only under load or also when you are testing a
single-user? Single user
What I did is to put Tomcat behind an Apache Server which solved my problem.
On Tue, Apr 22, 2014 at 8:48 AM, André Warnier a...@ice-sa.com wrote:
Frédéric Poliquin wrote:
What if you disable authentication entirely as a test... do things
speed-up? Answer is YES
Do you have a problem only under load or also when you are testing a
single-user? Single user
What I
-
De : Leo Donahue [mailto:donahu...@gmail.com]
Envoyé : 22 avril 2014 12:01
À : Tomcat Users List
Objet : Re: Stateless application is very slow using LDAP authentication
On Tue, Apr 22, 2014 at 8:48 AM, André Warnier a...@ice-sa.com wrote:
Frédéric Poliquin wrote:
What if you disable
Leo Donahue wrote:
On Tue, Apr 22, 2014 at 8:48 AM, André Warnier a...@ice-sa.com wrote:
Frédéric Poliquin wrote:
What if you disable authentication entirely as a test... do things
speed-up? Answer is YES
Do you have a problem only under load or also when you are testing a
single-user?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Frédéric,
On 4/22/14, 11:33 AM, Frédéric Poliquin wrote:
What if you disable authentication entirely as a test... do
things speed-up? Answer is YES Do you have a problem only
under load or also when you are testing a single-user? Single
user
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Frédéric,
On 4/22/14, 12:38 PM, Frédéric Poliquin wrote:
Passwords are protected using standard SSL. Eventually, the plan
is to move towards OAuth 2.0 with a cookie/security token but until
then I needed a quick solution...
For the other
On 4/22/2014 12:16 PM, Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Frédéric,
On 4/22/14, 12:38 PM, Frédéric Poliquin wrote:
Passwords are protected using standard SSL. Eventually, the plan
is to move towards OAuth 2.0 with a cookie/security token but until
then
When you say that you put a reverse proxy in front of Tomcat... do you mean
that you pushed the authentication out to the proxy layer?
Yes, I'm delegating everything to HTTPD using an AJP connector.
This means that if the user changes their password or the group-membership
changes on the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Frédéric,
On 4/22/14, 4:15 PM, Frédéric Poliquin wrote:
When you say that you put a reverse proxy in front of Tomcat...
do you mean that you pushed the authentication out to the proxy
layer?
Yes, I'm delegating everything to HTTPD using an
14 matches
Mail list logo