This is off the top of my head. I'm currently trying to get mod_spnego to work with my Apache 2.0.48 on Tru64 UNIX.
I have just browsed Tomcat 5.0 docs and there is a JAAS realm, can it be used in MS ADS and Kerberos/GSSAPI environment?
Ideally, I would like my users to login to Active Directory Service, open their IE6 or Mozilla 1.6 and access protected areas. I would like authentication to go via GSSAPI, but that is where I'm a bit stumped.
For this to have any meaning, broweser would have to be Kerberos client, Tomcat (or Apache, in my first draft) Kerberized service provider and MS ADS as Kerberos KDC. If I understand things correctly, this requires a different HTTP authentication method - HTTP/SPNEGO (negotiate). Is there anything like that emerging on Tomcat?
Nix.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
