I worked on a xwiki Kerberos authentication system. I've almost finished but i've some last problems : i'm using an apache server in front of my xwiki tomcat server to perform kerberos authentication with mod_kerb. So i've created a php webpage (protected by a .htaccess file which perform kerberos authentication) on my apache server, which redirects user to: .../xwikiLogin?j_username=toto&j_password=012345789 (toto which is the name get by kerberos authentication, and 0123456789 which is not kerberos password but a secret generated for each user by the php webpage). I've developped an AuthService for xwiki which authenticate users with passwords created by php webpage (this authentication system use shared secret between apache and tomcat). So if a user (already authenticate on the KDC) went to my php webpage, he would be automatically redirected to xwiki webHome and logged in! But actually users must go to my php webpage to be logged in automatically, i would like this system to work for all xwiki pages (for example : a user who go to a xwiki page without being authentified, would be redirected to my php webpage which redirects him to the xwiki specified page after authentication). I tried to use Balancer Webapp with xwiki from tomcat5, but it created loop (endless redirections beetwen xwiki and the php webpage). So if someone have any ideas ?