|
Thanks David. How does Kerberos differ from SSL? -----Original Message----- From: David Morris [mailto:David.Morris@xxxxxxxxxxxxx] Sent: Tuesday, April 20, 2004 3:09 PM To: java400-l@xxxxxxxxxxxx Subject: RE: Websphere authenticating to a remote as/400 and Envoy Todd, I can't tell you how you would do this with WebSphere, but with Tomcat you would create a Realm. There are three or four that come with Tomcat and they are pretty easy to create. The realm receives the user principle which gives you the information they keyed into the security challenge in a browser. If you use Basic the password comes through clear, if you use Digest it will be an MD5 digest of the password. You are free to use that information to check against anything you want. To authenticate against an iSeries profile, I you will probably need the clear text password -- this is dangerous and hard to secure. If you are running on another box, you limit how you can authenticate and generally have clear text passwords somewhere or kerberos. With kerberos you can get around this using the SPNEGO protocol to talk to the browser. There is at least one commercial application that implements SPNEGO but the only free option I know of is Apache. David Morris >>> tbryant@xxxxxxxxxxxxxxxxxxxxxxx 4/20/2004 12:31:08 PM >>> I see. So, just so I completely clear, they are not authenticating against 400 profiles, they are using bsd user accounts, in the case of the one running FreeBSD? That makes sense. I was wondering how one would get past this limitation. -----Original Message----- From: Joe Pluta [mailto:joepluta@xxxxxxxxxxxxxxxxx] Sent: Tuesday, April 20, 2004 1:36 PM To: 'Java Programming on and around the iSeries / AS400' Subject: RE: Websphere authenticating to a remote as/400 and Envoy > From: Todd Bryant > > We currently have Envoy running on the 400 using WAS 5.1. We are thinking > about moving Websphere off the 400 and onto another box. Also, it would be > nice to be able to run a test environment in WSAD and have it work. The > problem I am having is that I cannot figure out a way to have websphere > authenticate with a remote machine if you set up an application with BASIC > or FORM authentication. As far as I can tell it will only try and > authenticate with the local system. From what I understand this should be > possible. Anyone have any suggestions? Todd, as far as I know a web application server will only authenticate against the box it is running on. We've got two other PSC/400 installations doing just that: one is running Tomcat on a FreeBSD machine, while ITT Aerospace is running WebSphere on one iSeries and the applications on another. Joe _______________________________________________ This is the Java Programming on and around the iSeries / AS400 (JAVA400-L) mailing list To post a message email: JAVA400-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options, visit: http://lists.midrange.com/mailman/listinfo/java400-l or email: JAVA400-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/java400-l.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
