I have a Java web application running on Tomcat, and will use single sign-on (against an Active Directory) for authentication.
What I want to accomplish is that only certain pages in the web app are allowed to be the first “landing page” in the site.
The use case is that one may point the browser to index.jsp, and then be authenticated behind the scenes, and then be forwarded to some_content.jsp.
However, if I point the browser directly to some_content.jsp, I want the request to be denied, somehow, and NOT authenticated behind the scenes.
To rephrase, if I go to some_content.jsp first, without already being authenticated, I do not want authentication to happen, even though I have SSO set up.
Is it a matter of some fairly simple security-constraint, or what could a solution be? I am looking for a solution that can be configured, rather than adding code.
Thanks a lot!
This won’t work with container-managed security. The only method to have a concrete login-entry-point with container-managed auth like in Tomcat is FORM auth. I use SPNEGO auth myself and Tomcat will perform it on any URL if it is denoted as protected. So a routing login page is not possible unless you write a custom authenticator.
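
A sketch of the custom authenticator the answer refers to, added here as an example and not code from either poster or from the Tomcat project. It assumes the Tomcat 9 authenticator API (`javax.servlet`, `doAuthenticate`); the class name, package and `entryPoints` attribute are hypothetical.

```java
package com.example.auth; // hypothetical package

import java.io.IOException;
import java.util.Arrays;
import java.util.Set;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletResponse; // jakarta.servlet.http on Tomcat 10+
import org.apache.catalina.authenticator.SpnegoAuthenticator;
import org.apache.catalina.connector.Request;

/*
 * Registered in the web app's META-INF/context.xml instead of the stock authenticator:
 *   <Valve className="com.example.auth.EntryPointSpnegoAuthenticator"
 *          entryPoints="/index.jsp" alwaysUseSession="true"/>
 * alwaysUseSession makes Tomcat create a session at login, so the principal
 * is cached and later requests to other pages are recognised as logged in.
 */
public class EntryPointSpnegoAuthenticator extends SpnegoAuthenticator {

    // Context-relative paths where a SPNEGO handshake may start (Java 9+ for Set.of).
    private volatile Set<String> entryPoints = Set.of("/index.jsp");

    // Called by Tomcat for the entryPoints="..." attribute (comma-separated list).
    public void setEntryPoints(String csv) {
        entryPoints = Arrays.stream(csv.split(","))
                .map(String::trim)
                .filter(s -> !s.isEmpty())
                .collect(Collectors.toSet());
    }

    @Override
    protected boolean doAuthenticate(Request request, HttpServletResponse response)
            throws IOException {
        // Principal already cached (session or SSO valve): any protected page is allowed.
        if (checkForCachedAuthentication(request, response, true)) {
            return true;
        }
        // Path as resolved by the container, so ";jsessionid" and "../" tricks are gone.
        String path = request.getServletPath();
        if (request.getPathInfo() != null) {
            path += request.getPathInfo();
        }
        // Not a landing page: refuse without sending a Negotiate challenge.
        if (!entryPoints.contains(path)) {
            response.sendError(HttpServletResponse.SC_FORBIDDEN);
            return false;
        }
        // Landing page: run the normal SPNEGO handshake.
        return super.doAuthenticate(request, response);
    }
}
```

Tomcat only calls the authenticator for URLs covered by a `security-constraint` with an `auth-constraint`, so both index.jsp and some_content.jsp still need to be declared protected in web.xml.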