tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oliver Wulff <oliver.wu...@zurich.ch>
Subject Antwort: Re: JAAS LoginModule ?
Date Fri, 30 May 2003 07:08:48 GMT





The problem with filters is:
>>>
The problem is that the security contrains are evaluated before the
filter. So I guess that you may have to implement that what you want to
achive with the constraints on your own. (Or you have to configure apache
to do it, and this way omit the constraints from tomcat.)

One tomcat specific way to come around that may be a Valve. (It is called
before any filter, but I don't know if it is called before the evaluation
of the constraints)
<<<

I get this information some months ago from Ralph Einfeldt.
Authentication is not part of the J2EE specification. So, if you want to
customize this step, you have to do it individually for each container.

Oliver




                                                                                         
                                             
                      "Bill Barker"                                                      
                                             
                      <wbarker@wilshir         An:      tomcat-user@jakarta.apache.org
                                                
                      e.com>                   Kopie:                                 
                                                
                      Gesendet von:            Thema:   Re: JAAS LoginModule ?           
                                             
                      news                                                               
                                             
                      <news@main.gmane                                                
                                                
                      .org>                                                           
                                                
                                                                                         
                                             
                                                                                         
                                             
                      30.05.2003 09:06                                                   
                                             
                      Bitte antworten                                                    
                                             
                      an "Tomcat Users                                                   
                                             
                      List"                                                              
                                             
                                                                                         
                                             
                                                                                         
                                             




Nope. Realms and Authenticators are Tomcat-specific.   There are reports on
this list of people using Filters to do much the same thing (i.e. search
the
archives).

"Eric Chow" <echow@macaucabletv.com> wrote in message
news:000501c3265d$f1be4b20$5c64a8c0@mctv...
> How can I do if I want to implmenet an Authenicator that can use in any
> other application servers.(JBoss, WebLogic, etc) ?
>
> Eric
>
>
>
> ----- Original Message -----
> From: "Bill Barker" <wbarker@wilshire.com>
> To: <tomcat-user@jakarta.apache.org>
> Sent: Friday, May 30, 2003 11:50 AM
> Subject: Re: JAAS LoginModule ?
>
>
> > It really depends on what you need to do.  For the simplest case, you
> > implement your own Realm (public class MyRealm implements
> > org.apache.cataliana.Realm), and configure it in server.xml like
anyother
> > Realm.  In TC 4.x, Realms don't have access to the Request/Response:
They
> > just get the login credentials, and are expected to validate them (or
not
> > :).
> >
> > If you need more control on authentication, then you need to implement
a
> > custom Authenticator (public class MyAuthenticator implements
> > Valve,Authenticator).  This class gets full control over authenticating
a
> > Request, and can access anything in the Request/Response.  You
configure
> it
> > via:
> > <Context path="/myapp" docbase="webapps/myapp">
> >    <Valve className="com.myfirm.mypackage.MyAuthenticator" .... />
> > </Context>
> >
> > Neither of these (but especially the second) plays well with the admin
> > webapp.
> >
> > "Eric Chow" <echow@macaucabletv.com> wrote in message
> > news:001c01c3264d$f8528240$5c64a8c0@mctv...
> > > Hello,
> > >
> > > In Tomcat, we can use container based authorization.
> > >
> > > Those username/password information can be place in a XML files or
use
> > > DBRealm, right ?
> > >
> > >
> > > How can I implement a login module, so that the Web Container will
> called
> > my
> > > module instead of the default login module.
> > >
> > > For example, the following is my login.jsp.
> > >
> > > <form action="j_security_check" method="post" name="fm">
> > >    <input name="j_username">
> > >    <input name="j_password">
> > >    <input type="submit" value="Login">
> > > </form>
> > >
> > > When the above submit, it will pass to my LoginModule, how can I
> implement
> > > that part?
> > >
> > > Best regards,
> > > Eric
> > >
> > > ==========================
> > > If you know what you are doing,
> > > it is not called RESEARCH!
> > > ==========================
> >
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> >




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message