Hello all, I'm still trying to make my kerberized Apache work along with JBossPortal/Tomcat (1). I managed to put a kerberized apache in front of JBossPortal, so now, if a client wants to access my portal, he has to authentificate to the kerberized Apache and _then_ he can access the portal. That's good, but it is not enough... The problem is, Apache only says "Allowed/NotAllowed", and once the user has logged, no one knows who he is... he's just one of the authorized users. I haven't found out yet how to get this informations, but apache must store it somewhere. Anyway, what i want now, is that JBossPortal automatically logs the user without asking for password, only by trusting Apache telling it which user it is. To sum up, here are the two questions i keep pasking myself : 1. How to obtain informations on the user who has logged on with Kerberized Apache ? 2. How to do, so that JBossPortal automatically logs the user, by trusting what Apache says ? The first one might be only apache-related, but you may have some clues, and concerning the second question, you may know where to look. Regards, (1) cf : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4106371#... View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4107278#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...