Hello there!

Need Help? We are right here!

support
miniOrange Support

Thanks for your inquiry.
One of our representatives will get in touch with you shortly via email.

Tomcat Authentication using Valve
Know how miniOrange does Custom Authentication using Valve.

These are services provided by miniOrange. miniOrange takes no representations about the suitability of information on this page for your particular requirement, unless you engage in consultation with us. Tomcat Valve Authenticator is one of the projects that miniOrange can do for its customers and is in no way part of any of miniOrange products. If any more information is needed, please send an email to info@miniorange.com.

Sample Reference Tomcat Guidelines for Single Sign On Valve Configuration.
Sample Reference Tomcat Guidelines to show a Single Login Page for multiple web applications.
Sample Reference Tomcat guidelines to setup Single Sign on in a Federated Environment.

miniOrange is an IT security and services company (vendor). As an IT security outsourcing company, miniOrange firmly believes in complete satisfaction of its customers who are looking for security outsourcing companies and vendors. As one of the leading information security companies, miniOrange provides the following Single sign on (sso) services for its customers.

  • Single Sign on (SSO)
  • Cloud based Single Sign on (SSO)
  • Integration with 3rd party internet fraud prevention services
  • Windows credential provider based Single Sign on (SSO)
  • WSFed Authentication and Single Sign on (SSO)

In addition to the above, as more and more companies are putting their data on the cloud, they are concerned about protecting that data and make it available only for authorized users. As an IT security outsourcing company, miniOrange firmly believes in implementing strong authentication methods to access resources on the cloud. As one of the leading information security companies, miniOrange provides the following authentication services for its customers.

  • Authentication services (Strong Authentication, Two factor Authentication, 2 Factor authentication, 2 step verification)
  • Authentication services in network security
  • One time passcodes (OTP) over SMS, OTP over Email,Out of Band SMS, Out of Band Email, Soft token, Hardware Token, Push Notification, Voice authentication, Face Detection, Certificate Authentication
  • Custom authentication provider in spring security
  • Custom authentication provider in weblogic
  • Custom authentication provider in spring
  • Biometric authentication including integration with face detection and authentication, voice authentication based on voice print, thumb print detection and verification

As recent attacks on various online portals and cloud apps show us that you can put up the best authentication method out there and hackers will find a way to get past that. The best way to authenticate users in the cloud is to dynamically calculate the risk of authorization based on device, location, time of access and behavior. As one of the leading information security companies, miniOrange provides the following dynamic authentication for its customers

  • Fraud Prevention services (Risk based access, Adaptive authentication, Dynamic authentication, dynamic assessment of risk)

    Half the world uses Microsoft technologies and most of them use an Active Directory (AD) for authentication and authorization. Active Directory Federation Services (AD FS) is designed to provide single sign on for users using windows technology. As an IT security outsourcing company with specialization in windows, miniOrange firmly believes in implementing Active Directory Federation Services (AD FS). As one of the leading information security companies, miniOrange provides the following Active Directory Federation Services (AD FS) for its customers

  • Active Directory Federation Services (AD FS) installation
  • Active Directory Federation Services (AD FS) configuration
  • Active Directory Federation Services (AD FS) 2.0 installation and configuration
  • Active Directory Federation Services (AD FS) 3.0 installation and configuration
  • Active Directory Federation Services (AD FS) error handling, debugging, howto guides

If you are in any kind of network, LAN, WAN or Virtual private network(VPN), you must have heard about an ancient protocol called Remote Authentication Dial In User Service (RADIUS).Its a networking protocol that provides centralized authentication and authorization. As an IT security outsourcing company with specialization in Remote Authentication Dial In User Service (RADIUS), miniOrange firmly believes in implementing RADIUS pass through authentication for its customers. As one of the leading information security companies, miniOrange provides the following Remote Authentication Dial In User Service (RADIUS) for its customers

  • Remote Authentication Dial In User Service (RADIUS) development and consultancy
  • Remote Authentication Dial In User Service (RADIUS) server installation, configuration, pass through authentication

Thousands of customers can not manage their own sites anymore because sites have grown in number and they easily become un-manageable. Thanks to Siteminder technology by CA, there is a way these sites can be managed. But how about access to these sites!!! You will need miniOrange technology to not only install, configure Siteminder but also write custom agents that can plugin with your choice of authentication and authorization software. As one of the leading information security companies, miniOrange provides the following Siteminder services for its customers

  • Siteminder installation
  • Siteminder configuration
  • Siteminder custom agent development and deployment

In addition to the above, miniOrange's core expertise is in writing security software. As one of the leading information security companies, miniOrange provides the following security services for its customers

  • Custom security software for implementation of asymmetric key algorithm
  • Public Key Infrastructure (PKI), encryption
  • Implementation of custom components that provide Confidentiality, Integrity, Availability, Authentication, Non Repudiation and Survivability.
  • Custom authentication modules that are password based, token based, soft token, hardware token, usb token, display token, push, mobile, biometric, otp over sms, otp over email, Certificate authentication
  • Custom Certification service, registration service, self service, admin console

As a trusted provider of cloud based single sign on, user authentication and fraud prevention solution, miniOrange has helped a number of customers with their most critical areas by effectively managing risks and achieving compliance.

Increasing usage of online and mobile technology is forcing Banks and Financial Institutions revisit security of their customers and transactions urgently. Cloud Adoption and Omni channel experience not only mandates the shift to increased security model but if not addressed can also be huge business and brand image risk as evidenced by recent increase of security breaches, Web vulnerabilities, Endpoint exploitation and Cyber Attacks around the world.


Setting up Tomcat Authenticator Valve

miniOrange can configure Tomcat using three authentication methods the Basic Authentication, Form Authentication and Authentication using valve. Below is the description of Custom Authentication using valve:

Tomcat Authenticator valve protects access to all or some webapps deployed in the tomcat instance. If the user is not authenticated, it sends a request to SAML plugin to authenticate the user.

It also manages the Single Sign On between the protected webapps (can be configured if you do not want single sign on between the protected apps).

TOMCAT valve authenticator flow