tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tim Funk <funk...@joedog.org>
Subject Re: Pleas help (Custom Authenticator & Reaml Problem)
Date Fri, 26 Sep 2003 23:29:00 GMT
To save you lots of headaches, can you just use a filter to perform 
authorization and let JDBCRealm do the authentication?

(IIRC) The authenticators do authentication and authorization by delegating 
some of those tasks to the Realm. But all the bookkeeping needs to be done by 
the authenticator valve. A pretty icky topic.

-Tim


Lawence wrote:
> Dear all,
>  
> I wrote my own authenticator (extends FormAuthenticator) & realm (extends JDBCRealm).
 What I need is to check one more field in the database besides password for authentication.
Only minor modifications are made on the original codes so I think it should be fine. What
I also did include changing the org/apache/catalina/startup/Authenticators.properties
> file to add the new authenticator; modifying the server.xml and web.xml accordingly.
Furthermore, I added the entries for my authenticator and realm in the mbeans-descriptor.xml
file.
>  
> I expected everything to work perfectly but when I tried to access the secured area,
I got the following error:
> HTTP Status 500 - Configuration error: Cannot perform access control without an authenticated
principal
> ---------------------------------
> 
> type Status report
> 
> message Configuration error: Cannot perform access control without an authenticated principal
> 
> description The server encountered an internal error (Configuration error: Cannot perform
access control without an authenticated principal) that prevented it from fulfilling this
request.
> 
> This error was triggered instantly. I mean I even did not have a chance to see the login
webpage. Now I have several questions:
>  
> What is the flow of the authentication? Was my authenticator got executed at all?
>  
> Any suggestions would be greatly appreciated.



Mime
View raw message