Okay, checked it out. Can I use this API to grab the username and password with a .jsp or servlet off the NT machine.....and then pass it to Tomcat so it then can look up users in Active Directory?

I want security to be container managed.....So I need to

1.) Grab the username and password
2.) Post it to the login form (action="j_security_check")
3.) Tomcat will connect to Active Directory (JNDI)
4.) Tomcat will redirect to the original page called.......

Does this make sense to everyone?

-----Original Message-----
From: Tim Funk [mailto:[EMAIL PROTECTED]
Sent: Tuesday, September 09, 2003 4:17 PM
To: Tomcat Users List
Subject: Re: Active Directory Single Sign-On

I think you are looking for NTLM authentication which was done by the samba folks. See http://jcifs.samba.org/

-Tim

Pitre, Russell wrote:
> Hey All-
>
> Finally, finally, finally, I figured out how to authenticate to Active
> Directory.......(code below minus the login form).....now to go further,
> I would like to implement Single Sign-On.....somehow we would need to
> retrieve the user's name and password off their NT machine and use them
> to automatically post the form......does anyone have any suggestions?
>
> Also, I was able to see in the log that it enumerates the groups of the
> user, but it didn't find the "Domain Users"
> group.........hmmmm.....anyone know why? I see the security group in AD
> Comp & Users......
>
> <SERVER.XML>
>
> <Context>
>
> ......stuff
> ......stuff
> .....stuff
>
> <Realm className="org.apache.catalina.realm.JNDIRealm"
>        debug="99"
>        connectionURL="ldap://[Domain Controller]:389"
>        userBase="OU=Users,OU=Shawmut,DC=[Domain],DC=com"
>        userSearch="(sAMAccountName={0})"
>        userRoleName="member"
>        roleBase="OU=Users,OU=Shawmut,DC=[Domain],DC=com"
>        roleName="memberOf"
>        roleSearch="(memberOf=CN=tomcat,CN=Users,DC=[Domain],DC=com)"
>        connectionName="CN=Administrator,CN=Users,DC=[Domain],DC=com"
>        connectionPassword="[password]"
>        roleSubtree="true"
>        userSubtree="true"/>
>
> </Context>
>
> <WEB.XML>
>
> <security-constraint>
>   <display-name>Show Tracker Security Constraint</display-name>
>   <web-resource-collection>
>     <web-resource-name>Protected Area</web-resource-name>
>     <url-pattern>/*</url-pattern>
>   </web-resource-collection>
>   <auth-constraint>
>     <role-name>CN=Alloffice,OU=SDC,OU=Email Distribution Lists,OU=Groups,OU=Shawmut,DC=[Domain],DC=com</role-name>
>   </auth-constraint>
> </security-constraint>
>
> <login-config>
>   <auth-method>FORM</auth-method>
>   <realm-name>Show Tracker Authentication Area</realm-name>
>   <form-login-config>
>     <form-login-page>/login.jsp</form-login-page>
>     <form-error-page>/error.jsp</form-error-page>
>   </form-login-config>
> </login-config>

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
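
A hardened variant of the realm and security constraint quoted in this thread, added here as an example and not part of any poster's message: the realm binds over LDAPS with a dedicated read-only account instead of the domain Administrator over ldap://...:389, and the constraint forces the FORM login onto HTTPS. The account name svc-tomcat-ldap and its OU are hypothetical, bracketed values are placeholders as in the post, and the setup assumes the JVM trusts the domain controller's certificate and Tomcat has an HTTPS connector configured.

```xml
<!-- server.xml: goes inside the application's Context element.
     Only the connection settings differ from the post; the user and role
     lookup attributes are copied unchanged, and debug logging is left out. -->
<Realm className="org.apache.catalina.realm.JNDIRealm"
       connectionURL="ldaps://[Domain Controller]:636"
       connectionName="CN=svc-tomcat-ldap,OU=Service Accounts,DC=[Domain],DC=com"
       connectionPassword="[password]"
       userBase="OU=Users,OU=Shawmut,DC=[Domain],DC=com"
       userSearch="(sAMAccountName={0})"
       userSubtree="true"
       userRoleName="member"
       roleBase="OU=Users,OU=Shawmut,DC=[Domain],DC=com"
       roleName="memberOf"
       roleSearch="(memberOf=CN=tomcat,CN=Users,DC=[Domain],DC=com)"
       roleSubtree="true"/>
<!-- connectionURL: ldaps on 636 so the bind password and every user's
     password checked by the realm cross the network inside TLS.
     connectionName: hypothetical service account that needs read access
     to the user and group entries only, so a leaked server.xml does not
     expose domain administrator credentials. -->

<!-- web.xml: same constraint as the post, plus a transport guarantee -->
<security-constraint>
  <display-name>Show Tracker Security Constraint</display-name>
  <web-resource-collection>
    <web-resource-name>Protected Area</web-resource-name>
    <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
    <role-name>CN=Alloffice,OU=SDC,OU=Email Distribution Lists,OU=Groups,OU=Shawmut,DC=[Domain],DC=com</role-name>
  </auth-constraint>
  <!-- Added: the container redirects plain-HTTP requests for the protected
       area to the HTTPS connector, so the j_security_check POST carrying
       j_username and j_password is never sent in cleartext. -->
  <user-data-constraint>
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint>
</security-constraint>
```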
