Les Mikesell
2009-Dec-02 18:39 UTC
[CentOS] Tomcat authentication via PAM (or other system methods)?
Is there a way to coax java services running under tomcat to use the system authentication methods set up through PAM? In my case, this would be users in the local passwd file or through smb to a windows domain. I've added mod_auth_pam to get this effect with apache but would like to also handle java web services. -- Les Mikesell lesmikesell at gmail.com
nate
2009-Dec-02 19:24 UTC
[CentOS] Tomcat authentication via PAM (or other system methods)?
Les Mikesell wrote:> Is there a way to coax java services running under tomcat to use the > system authentication methods set up through PAM? In my case, this would > be users in the local passwd file or through smb to a windows domain. > I've added mod_auth_pam to get this effect with apache but would like to > also handle java web services.If you use LDAP you can use LDAP with PAM and apparently configure Tomcat to talk to LDAP as well http://blog.mc-thias.org/?title=tomcat_ldap_authentication&more=1&c=1&tb=1&pb=1 "Using Tomcat6 (Tomcat 6.0.13 to be precise ;)) on CentOS 4.5, a LDAP authentication can be set up using the JNDI Realm."[..] http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html#JNDIRealm Same for if your using a SQL DB for authentication, tomcat can tie into that too - http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html#JDBCRealm nate
Alexander Georgiev
2009-Dec-02 19:50 UTC
[CentOS] Tomcat authentication via PAM (or other system methods)?
2009/12/2 Les Mikesell <lesmikesell at gmail.com>:> Is there a way to coax java services running under tomcat to use the > system authentication methods set up through PAM? In my case, this would > be users in the local passwd file or through smb to a windows domain. > I've added mod_auth_pam to get this effect with apache but would like to > also handle java web services. >java and J2EE (I think also tomcat) use JAAS for authentication purposes. JAAS is like PAM for java applications, in fact JAAS specification is based on PAM specification. There must be JAAS modules that authenticate against pam: http://www.google.bg/search?sourceid=chrome&ie=UTF-8&q=jaas+pam+module
Apparently Analagous Threads
- tomcat errors starting after upgrade from cent5.3 to 5.5 (/rebuild-jar-repository: error: Could not find)
- OT - 3Com and IBM iSeries
- Minimal Kickstart setups to use with Puppet
- Anyone using Active Driectory auth with Centos 5.4.....?
- authentication loosely tied to active directory?