tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andy Armstrong <a...@tagish.com>
Subject Re: realms and authentication
Date Mon, 04 Jun 2001 23:30:08 GMT
Is this not more or less what JAAS does? There are a number of JAAS
modules at http://free.tagish.net/ that implement among other things a
JDBC Authentication provider.

Michael Jennings wrote:
> 
> Hi everyone,
> 
> Just for my own education, I decided to write my own authentication-stuff
> for tomcat 3.2.2
> 
> To that end I wrote a Request Interceptor that takes 2 parameters
> called "realmProviderClass" and "setupString".
> 
> The "realmProviderClass" is the fully-qualified class name of a class which
> implements
> the "RealmProvider" interface which looks like the following:
> 
> public interface RealmProvider
> {
> public boolean authenticate(String username, String credentials) throws
> Exception;
> public String[] getUserRoles(String username) throws Exception;
> public boolean initialize(String setupstring) throws Exception;
> public void shutdown() throws Exception;
> }
> 
> The "setupString" parameter is passed to the initialize method of the
> RealmProvider class
> during context initialization.
> 
> I thought that this might be an easy way to implement various different
> authentication schemes
> by delegating to a "RealmProvider". One could write a "SimpleRealmProvider"
> or a "JDBCRealmProvider"
> etc.
> 
> Does anyone think this might be a good idea for inclusion in tomcat?
> -Mike
> 
> ______________________
> Mike Jennings
> Southgate  Software Ltd.
> 250-382-6851 (ph)
> 250-382-6800 (fax)
> southgate.software@home.com

-- 
Andy Armstrong, Tagish

Mime
View raw message