On 28/02/2013 02:18, Chris Fors wrote:
Trying to get Windows
Authentication operational using the Tomcat Built-in method. Implemented the
following but not
observed any Windows / Kerberos authentication occuring:
-
Domain joined
windows member server
-
Domain service
account
-
Delegated SPN for
HTTP protocol on the member server to the service account
-
Generated keytab
file for the service account and saved in $catalina.base\conf folder
-
Created Valve in context.xml of className
org.apache.catalina.authenticator.SpnegoAuthenticator
-
Created krb5.ini and
saved in $catalina.base\conf folder
-
Created jaas.conf and
saved in $catalina.base\conf folder
After this still no observed
effect on logon authentications – all still apparently anonymous.
As expected from what you have described.
If there are no security constraints on a resource, Tomcat isn't going
to require authentication.
Anyone had success with this ?
Yes. I have a set of test VMs (1 domain controller, 1 Tomcat server and
1 client) where this feature works.
Any ideas on what is missing?Is there a good way to
debug the process?
See above. I'd expect to see some changes to the webapp.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org