Tomcat authentication using SPNEGO/Kerberos and delegation

前端 未结 3 1713
鱼传尺愫
鱼传尺愫 2021-02-04 14:01

Is there an apache module that implements Kerberos authentication for use by Tomcat and also supports Kerberos delegation?

I\'ve already looked at mod_spnego and it thro

相关标签:
3条回答
  • 2021-02-04 14:42

    WAFFLE (Windows Authentication Functional Framework) now provides that feature starting from v1.4beta.

    It provides a ServletFilter that uses native Windows APIs to authenticate the user, either using Basic or Negotiate authentication. The user then can be impersonated, and native APIs calls will be performed with the access token of the impersonated user.

    0 讨论(0)
  • 2021-02-04 14:50

    How about using the JAAS realm and using the kerberos 5 JAAS module?

    http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html#JAASRealm

    http://java.sun.com/j2se/1.4.2/docs/guide/security/jaas/spec/com/sun/security/auth/module/Krb5LoginModule.html

    Looks like it might require a little coding, but the pieces should be there.

    0 讨论(0)
  • 2021-02-04 14:57

    Here's a http://spnego.sourceforge.net/credential_delegation.html tutorial. It implements Kerberos/SPNEGO as an HTTP Servlet Filter and supports credential delegation.

    0 讨论(0)
提交回复
热议问题