Dear Team,
We are currently using NTLM for SSO authentication in our application using IIS as our web server, but with the new upgrade in the application we now has to use Apache Tomcat as our primary web server.
So in order to get SSO working we are trying to use Reverse Proxy from IIS 10 to Apache Tomcat 8.0.22, with Windows Authentication (NTLM) at IIS level.
We used URL-Rewrite to redirect the user request from IIS to Apache web server which is working fine for Anonymous authentication.
But we are facing issue when we are trying to do the WIA(NTLM) authentication and pass the request to Tomcat. It is throwing 401 error. Can you please help with the below :
- Is URL-Rewrite supported with WIA (NTLM) authentication, We cannot use Kerberos as per the comapny guidelines so we have to use NTLM.
- Is there a document which can share more details on how to configure the same.
- Our application listens to HTTP connector of Tomcat, so we cannot use ISAPI_Redirect as it works with AJP connector. Please let me know if this understanding is correct.
- Please suggest if there is any better approach for the same.
Many thanks for your help in advance.
Thanks
Suraj