Hello, I have a question regarding security on Tomcat. first, some background:
I'm currently assisting in the deployment of a Xerox Docushare system. This implementation DocuShare runs on Tomcat (among other platforms.) The problem I've been having with this particular app/server setup is that DocuShare security has only two notions: guest access, which does not require authentication, and a registered user, which does require authentication (in our case against an LDAP server) and requires an expensive icense. I'd like the have 3 levels of security. NO ACCESS, authenticated LDAP users but not Docushare clients (no $$ license) and licensed, authenticated users. Since this scenario is not provided for out of the box, I was wondering if its possible to connect the Docushare connector to an LDAP valve and pipe all the DocuShare traffic through another LDAP authentication container (please excuse me if I get the Apache lexicon twisted up, I'm new at this.) In a nutshell, I'm looking to intercept all trafice coming to the Tomcat server (it's not being used for anything other than DocuShare anyways, so that should make things a little simpler) and require LDAP user authentication to access the server. Authenticated users can then see the DocuShare (by default, as DocuShare guest users) app, which may, in turn, require an additional authentication step to determine if a user should have additional access rights as a licensed user. Ideally, the LDAP authentication info could be passed into the DocuShare application to automate the last step, but I'd be more than happy even if the step required another username/password combo entry by the user. Can this be done? If so, where would I start to get this off the ground? Any help is greatly appreciated. -Jake --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
