| Author |
Active Directory Authentication
|
Tom Keith
Greenhorn
Joined: Mar 26, 2002
Posts: 24
|
|
All,
I have a question regarding FORM Based Authentication. How is j_password protected from hacking meaning that if a Servlet Filter is written then the NT password can be read from the request which is not good for users as they do not want theit NT passwords to be seen. Is there any way to protect the password from being seen? Does App servers like WLS/WAS/JRun etc., do it? If so how?
Thanks,
Tom
|
 |
dema rogatkin
Ranch Hand
Joined: Oct 09, 2002
Posts: 294
|
|
|
All filters must be disabled for authentication. Check with your servlet container.
|
Tough in space?, <a href="http://tjws.sf.net" target="_blank" rel="nofollow">Get J2EE servlet container under 150Kbytes here</a><br />Love your iPod and want it anywhere?<a href="http://mediachest.sf.net" target="_blank" rel="nofollow">Check it here.</a><br /><a href="http://7bee.j2ee.us/book/Generics%20in%20JDK%201.5.html" target="_blank" rel="nofollow">Curious about generic in Java?</a><br /><a href="http://7bee.j2ee.us/bee/index-bee.html" target="_blank" rel="nofollow">Hate ant? Use bee.</a><br /><a href="http://7bee.j2ee.us/addressbook/" target="_blank" rel="nofollow">Need contacts anywhere?</a><br /><a href="http://searchdir.sourceforge.net/" target="_blank" rel="nofollow">How to promote your business with a search engine</a>
|
|
Tom Keith
Greenhorn
Joined: Mar 26, 2002
Posts: 24
|
|
How do I disable Servlet Filters? Is there a config file?
Another question, Can I write my own AA (Authentication & Authoursation) module by overcoming the password display problem? If so how?
Thanks,
Tom
|
|
Tom Keith
Greenhorn
Joined: Mar 26, 2002
Posts: 24
|
|
Can somebody help me out on this please?
Thanks,
Tom
|
|
 |
|
|
subject: Active Directory Authentication
|
|
|
0
