tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Randy Layman <>
Subject RE: Custom authentication mechanism in Tomcat?
Date Thu, 01 Feb 2001 15:41:39 GMT

	I believe (I'm not looking at my copy of the spec right now) that
the method of authentication is up to the servlet engine.  My main reason
for saying this is that its in the server.xml file, and almost everything in
this file is Tomcat-specific.  If it was in the web.xml file, then I would
believe that it was part of the standard.


-----Original Message-----
From: Geoff []
Sent: Thursday, February 01, 2001 11:08 AM
Subject: Re: Custom authentication mechanism in Tomcat?

From: "Randy Layman" <>
> Well, the source for Tomcat is open and available, and there is
> already a class that authenticates against a database
> (org.apache.tomcat.request.JDBCRealm) that seems like it would probably be
> good basis for whatever you are trying to do that it doesn't.

Thanks for that - I'll investigate that now.  Is there any 'standard' way of
hooking in to the authentication mechanism?  The JDBCRealm approach looks
good but also looks to be Tomcat-specific.  Or is the standard 'hands-off'
in this area?



To unsubscribe, e-mail:
For additional commands, email:

View raw message