tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Craig R. McClanahan" <craig...@apache.org>
Subject Re: Custom Realm Implementation
Date Fri, 01 Feb 2002 22:30:52 GMT


On Fri, 1 Feb 2002, Renato Romano wrote:

> Date: Fri, 1 Feb 2002 18:02:16 +0100
> From: Renato Romano <r.romano@set-network.com>
> Reply-To: Tomcat Users List <tomcat-user@jakarta.apache.org>,
>      r.romano@set-network.com
> To: Tomcat Users List <tomcat-user@jakarta.apache.org>
> Subject: Custom Realm Implementation
>
> I'm trying to write my own Realm but have some problems...
> MyRealm extends JDBCRealm, overrides the authenticate method(Connection,
> String, String)
> and returns a CustomPrincipal which is My own implementation of Principal;
>
> When I try to log in, a get a "User userName successfully authenticated"
> message on the log, but the browser shows me a 403 error (You are not
> allowed ...)
>

Tomcat calls the hasRole() method of your Realm implementation in order to
check for the roles required to satisfy security constraints.  You'll want
to override this method as well, because the default method (in
AuthenticatorBase) assumes you are using one of the standard Realm
implementations that uses GenericPrincipal objects.

> Any idea ?
> Any document showing the process in details ?
> Thanks

Just the source code, at the moment :-(.

>
> Renato
>

Craig


--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>


Mime
View raw message