NTLM authentication together with Tomcat roles (JDBCRealms)?
Hello,
I am relative new to Java and started to deal with web-applications and authentication methods.
To check if a user is member of our NT domain I used jcifs NTLM filter mapping which works fine.
Now I want additionally use Tomcat roles, JDBCRealms to check if a user is member of a certain role to grant/deny access to specific URLs within my web-application. Each of them I got to work.
But both together I cannot get it working. My problem is the web.xml.
Especially the <login-config> tag.
For NTLM I need the following one:
<login-config>
<auth-method>NTLM</auth-method>
<realm-name>NTLM secured WebApp</realm-name>
</login-config>
and for JDBCRealms I need the following one:
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Secure WebApp</realm-name>
</login-config>
So how to bring them together? It seems the Tomcat expects only one <login-config> tag. Am I right?
I do not know how to tell the Tomcat to use both.
Is it possible to use NTLM athentication together with Tomcat roles (JDBCRealms)?
If yes how th web.xml must look like?
I use Tomcat 5.5.
Any help is highly appreciated! Thanks in advance!
