tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dan Kha <dant...@YorkU.CA>
Subject Re: Custom Authentication
Date Tue, 22 Jan 2002 15:34:57 GMT

Hi Ricardo,

See if these help:
http://www.mail-archive.com/tomcat-user@jakarta.apache.org/msg35338.html
http://www.mail-archive.com/tomcat-user@jakarta.apache.org/msg41747.html

--
Dan Kha
Development Team
Computing & Network Services
York University, Toronto, Canada

On Tue, 22 Jan 2002, Ricardo Ramalho wrote:

> Hi ppl! Again....
>
> It looks like i wasn't very accurate in my first question here...
> What i wanted to do is something like this: (hope you guys can help) This is
> my actual Athentication class, with uses BASIC login.
>
>
> import java.lang.*;
> import java.sql.*;
> import javax.sql.*;
> import javax.naming.*;
> import java.io.*;
> import javax.servlet.*;
> import javax.servlet.http.*;
> import java.util.*;
> import java.security.*;
> import allaire.jrun.util.*;
> import allaire.jrun.security.*;
>
> public class Autentica implements AuthenticationInterface
> {
>     /**
>      * Initialize the authentication service
>      * @param props The properties for the service
>      */
>     public void init(OrderedProperties props) throws Exception
>     {
>             //Não se faz nada aki
>     }
>
>     /**
>      * Destroy the service
>      */
>     public void destroy()
>     {
>             //Não se faz nada aki
>     }
>
>     /**
>      * Authenticate the given user with the given credentials (such
>      * as a password).
>      * @param req The servlet request
>      * @param username The username to authenticate
>      * @param method The type of authentication method (BASIC, DIGEST, FORM,
>      * or CLIENT-CERT)
>      * @param credentials Password and/or other credentials necessary
>      * in authenticating the user
>      * @return The Principal associated with the given username, or null
>      * if authentication failed
>      */
>     public Principal authenticate(HttpServletRequest req, String username,
> String password) {
>                 Principal principal = null;
>   //tipos para a ligação à base de dados
>   Connection dbCon = null;
>   Statement dbStat = null;
>   String sqlStat = null;
>   ResultSet dbRes = null;
>
>                 // If we have a password, attempt to validate it
>                 if (password != null) {
>                         try {
>                                 String dbPass = null;
>                                 //Acesso à base de dados - apanhar uma
> conecção da pool de conexoes do JRun
>            InitialContext ctx = new InitialContext();
>            DataSource ds =
> (DataSource)ctx.lookup("java:comp/env/jdbc/test_db");
>            dbCon = ds.getConnection();
>            dbStat = dbCon.createStatement();
>                                 sqlStat = "SELECT passwd FROM users WHERE
> user='" + username + "'";
>                                 dbRes = dbStat.executeQuery(sqlStat);
>                                 dbRes.next();
>                                 dbPass = dbRes.getString(1);
>                                 if (dbPass.equals(password)) {
>                                         principal = new
> AuthenticatedPrincipal(username);
>                                 }
>                         } catch (Exception e) {
>                                 e.printStackTrace();
>                         }
>         }
>         return principal;
>     }
>
>     /**
>      * Determines if the given principal (user) has been granted the
>      * given role within this authentication realm.
>      * @param principal The principal (user) to verify
>      * @param role The role to verify
>      * @return true if the principal is part of the given role
>      */
>     public boolean isPrincipalInRole(Principal principal, String role)
>     {
>         return true;
>     }
> }
>
>
> Thank you for any help in advance
>
> -------------------------------------------------
> Ricardo Ramalho
> Carcavelos Lisbon Portugal
> EWorks Consulting
> -------------------------------------------------
>
>
>
> --
> To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
> Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>
>


--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>


Mime
View raw message