tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Randy Layman <>
Subject RE: Custom authentication mechanism in Tomcat?
Date Thu, 01 Feb 2001 14:50:14 GMT

	Well, the source for Tomcat is open and available, and there is
already a class that authenticates against a database
(org.apache.tomcat.request.JDBCRealm) that seems like it would probably be a
good basis for whatever you are trying to do that it doesn't.  To get the
source, you can either use CVS to get the current source, or the I believe
there are src bundles of each release available where you downloaded Tomcat.


-----Original Message-----
From: Geoff Taylor []
Sent: Thursday, February 01, 2001 10:04 AM
Subject: Custom authentication mechanism in Tomcat?


I'd like to implement a custom authentication mechanism for Tomcat.  How
should I go about it?

OK, so that's a huge question.  I'll try and be a bit more specific: I'd
like to be able to authenticate users against a database.  I'm not afraid of
writing the code to do all this, but I'd like to get it right instead of
heading off in the wrong direction.  At the minute it works as a Filter, but
that doesn't allow you to use roles or security constraints.

So I suppose the question is how do I hook the user authentication code I
already have into the server so it's called to authenticate <login-config>s.
Or something.

Sorry if this has been asked before, or if the answer's in some obvious
place.  I really have looked around, I just haven't been able to find
anything relevant.

So, any pointers/clues/hints out there?

Many thanks,


To unsubscribe, e-mail:
For additional commands, email:

View raw message