User Authentication
hi all,
i am working on servlets and i would like to set up authentication for the pages ppl view.
i have used the following code to display that the page that people are viewing needs authentication
response.setStatus(res.SC_UNAUTHORIZED);
response.setHeader("WWW-Authenticate","NTLM");
it pops up a authentication window but when i give domain\user name and password it does not proceed.
how should we use the authentication stuff?
i need to work on sessions so i would like to authenticate the user before i use their name in session info.
please let me know what i should do.
[634 byte] By [
sgshankara] at [2007-11-27 8:53:39]
# 3
As far as I know, this is the only way with Tomcat, you could try running Tomcat with Apache and use NTLM authentication with Apache. Tomcat by itself doesn't support domain authentication.
I've seen some code somewhere where the app reads the values from Windows, i.e. it uses the values of the user logged into the Windows system ( NTLM ). But the problems with that are that
1. It doesn't actually involve a login, it automatically uses the values
2. You'll have to put the code on every single page and handle the restriction etc on your own since it's part of your JSP/servlet code and is not handled by the container.
# 4
ok..
i am using the system to show me a pop up and get get the user info why is that not authenticating against the domain? shouldnt the browser automatically try to authenticate?
i am unaware of whats the process behind this authentication procedure.. can any one tell me what will happen once i get the popup and i give domain\username followed by password and click ok?
will it go back to application server?
# 5
I really don't know how the authentication that you're using works.The domain authentication is under the control of the server; once the user types in the details, the server will authenticate that data against the realm that you've specified, JDBC, Memory, JNDI or whatever.
