André, >-----Original Message----- >From: André Warnier [mailto:a...@ice-sa.com] >Subject: Re: Running Tomcat on a webserver that is on a workgroup > > There is probably more to it than that. All they are going to do is join it to a workgroup.
>> I don't understand how Tomcat will be able to access resources from >> our domain, and vice versa, unless I'm running Tomcat as a local >> account, and that same local account is created on the other servers on the >> domain. >> >It all depends what you mean by "resources". It will still be able to access >other hosts >via TCP (through the firewall, if the firewall allows it). But it will no >longer be able >to access "shares" or windows network printers e.g. > >What kind of network resources does your webserver need ? Windows shares. Otherwise the size of the vm that is my current web server needs to grow in order to support access to certain files, mostly images (over 500 GB), or I add the local account from the workgroup to the domain server containing the file share. >> It seems like I'm exploiting one security issue for another. >(trading). Yes, trading is a better word. >What is the security issue that this change is supposed to cure ? Other than making administration more difficult, I was hoping someone could tell me. Tomcat runs with a least privilege account anyway. Is this a "feel good" thing? --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
