Re: Using NTLM Authentication in WO apps
Re: Using NTLM Authentication in WO apps
- Subject: Re: Using NTLM Authentication in WO apps
- From: Karl <email@hidden>
- Date: Mon, 21 Nov 2011 15:02:11 +0300
Hi,
That is a possibility. How about this - adding a request header with the remote user?:
<Proxy http://127.0.0.1:20000/SOGo>
## adjust the following to your configuration
RequestHeader set "x-webobjects-server-port" "443"
RequestHeader set "x-webobjects-server-name" "myserver"
RequestHeader set "x-webobjects-server-url" "https://myserver"
## When using proxy-side autentication, you need to uncomment and
## adjust the following line:
# RequestHeader set "x-webobjects-remote-user" "%{REMOTE_USER}e"
RequestHeader set "x-webobjects-server-protocol" "HTTP/1.0"
RequestHeader set "x-webobjects-remote-host" %{REMOTE_HOST}e env=REMOTE_HOST
AddDefaultCharset UTF-8
Order allow,deny
Allow from all
</Proxy>
Karl
On 2011-11-21, at 2:43 PM, Henrique Gomes wrote: On Nov 21, 2011, at 8:34 AM, Karl wrote: Hi,
We have a client who wants to use NTLM authentication for our WOApp to provide single sign on for their Windows users. Has anyone actually done this before?
We are hosting the app on Mac OS X 10.7 using Java 6 and Apache 2.x.
Any information would be appreciated.
Karl
The way I would do it (and will really soon for a project) is to have apache handle the authentication of the user if the URL is something like /wa/login. You could use the ntlm module for apache. Actually, since I never done in WO, that leads me to question how I would retrieve the REMOTE_USER from the apache request? (Since windows domains are really kerberos, you could also use kerberos authentication, you would need a HTTP/hostname principal created on the windows kerberos server. There are mails about in on the archives) HG
|
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden