This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
Our system is a Java system that is working on apache tomcat. There system is working on IIS(6.0).
To make it work we are putting the Apache Tomcat Connector(ajp v. 1.3) as a proxy for forwarding all the information from the iis to the Apache Tomcat server.
We installed it like this in one domain when the apache is on an other computer then the iis. We now tried to add another connection like this and it didn't work well.
The new connection is from another domain. The new iis forwarded the static pages but when it tried to do an ajax request there opened a window with a request to enter the user and password.
We can see that the ntlm is forwarded to the apache.
It sounds like what you need is Single Signon (SSO).
Tomcat uses plug-in modules called Realms to handle JEE standard security. Most of them control authentication and authorization for a single app on a single server. However, SSO Realms can reference a master A&A service such as NTLM so that they won't force a login if the user was already logged in somewhere else. NTLM is an extreme case, since you have to do a Windows login just to get to the desktop, but that actually isn't important to SSO. Signed on is Signed on, after all.
Customer surveys are for companies who didn't pay proper attention to begin with.