1 Reply Latest reply on May 24, 2003 3:12 AM by Juha Lindfors

    Apache + Tomcat + Jboss + JAAS

    Damian Minkov Newbie

      In my situation I must use The Apache HTTP Server + Tomcat + JBoss on different machines. But I can't find a solution for authentication and autorisation. How can be done this in bothe Tomcat and JBoss since they are running in different machines.

        • 1. Re: Apache + Tomcat + Jboss + JAAS
          Juha Lindfors Master

          servlet tier must authenticate itself to the ejb tier in a same way you'd authenticate your standalone client to the ejb-tier -- either use the JAAS client callback handler and ClientLoginModule in your tomcat JVM or provide the credentials to your EJB proxies directly via jboss SecurityAssociation class.

          Tomcat of course needs to be setup with its own security configuration (as specific to the servlet engine) to authenticate the incoming HTTP requests.