tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "John Holman" <j.g.hol...@qmw.ac.uk>
Subject [PATCH] Catalina JNDIRealm - binding as the user
Date Tue, 15 May 2001 21:57:51 GMT
Here is a patch for the JNDI  realm in Catalina that supports authentication
by binding to the directory with the credentials specified by the user.

I've added a configuration parameter "bindAsUser" which defaults to "true".
If set to "false" the realm authenticates as before: ie it retrieves the
password from the directory and compares it explicitly with the presented
credentials.

For the moment I've kept JNDIRealm as a single implementation class, but it
would be trivial to split it into different classes for the two modes of
authentication, if that is thought better. I've not updated the initial
javadoc comment because this will depend on whether the class is split or
not.

Note that digest authentication is not supported in the default "bind" mode.
Torgeir has suggested that this might be possible - if so that would be
good.

As said before I'd like to add the ability to search the directory for the
user's dn to cover cases when a fixed pattern will not work, but will wait
to see the fate of this patch before going ahead.

Cheers, John


Mime
View raw message