Facebook
Twitter
R
RebeccahP
Guest
OK, so I'm probably the only person doing this, but...
I have a Tomcat application and am using IIS as a front end. We have been restricting access to the web site by IP address, but want to switch to password-based authentication. Since Tomcat's built-in security domain is labeled for demo purposes only and not to be used in production environment, we are attempting to set up IIS to authenticate with username and password.
It turns out that this requires we create a new Windows user for each web site user. Bleah. So, I want to set up a group with the minimum permissions required to be able to actually use the web site, and then all of the web site users will be members of this group. The user needs to be able to access the IIS web site, access the tomcat application, and access the DOS executable that our tomcat application launches.
So the question is, what permissions do we need to set?
So far, my best guess is that the psaserv group fits the bill, and the users don'tactually need to be members of the Users group. Does anyone know if this is an appropriate use of the group, and if there are any downsides/security risks to using it this way?
Thanks,
Rebeccah
I have a Tomcat application and am using IIS as a front end. We have been restricting access to the web site by IP address, but want to switch to password-based authentication. Since Tomcat's built-in security domain is labeled for demo purposes only and not to be used in production environment, we are attempting to set up IIS to authenticate with username and password.
It turns out that this requires we create a new Windows user for each web site user. Bleah. So, I want to set up a group with the minimum permissions required to be able to actually use the web site, and then all of the web site users will be members of this group. The user needs to be able to access the IIS web site, access the tomcat application, and access the DOS executable that our tomcat application launches.
So the question is, what permissions do we need to set?
So far, my best guess is that the psaserv group fits the bill, and the users don'tactually need to be members of the Users group. Does anyone know if this is an appropriate use of the group, and if there are any downsides/security risks to using it this way?
Thanks,
Rebeccah
