0 Replies Latest reply on Nov 18, 2014 3:54 PM by partlycloudy

    IIS ISAPI to Tomcat/ORDS


      I am exploring ways to use Integrated Windows Authentication with APEX. This page summarizes the various options.


      Another option that comes to mind is to use IIS on a Windows server, use the ISAPI filter to authenticate the user and pass along the authenticated request to the APEX listener (ORDS) running in a Tomcat container on another Linux server.  Or Tomcat could just as well run on the same Windows server but the ORDS configuration could use the JDBC connect string to connect to the APEX engine wherever it is.


      Has anyone tried this configuration? I am not very familiar with Windows , IIS/ISAPI and all that stuff so any help would be appreciated.




      [Edit: Actually, come to think about it, ISAPI does not handle Kerberos tickets, it just uses the NTLM hash to identify the user so this wouldn't work, I definitely need to use Kerberos to transparently authenticate the user with the AD/KDC domain controller. Forget about this]