tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Barker" <>
Subject Re: Pleas help (Custom Authenticator & Reaml Problem)
Date Sat, 27 Sep 2003 04:38:24 GMT
I agree with Tim that custom Authenticators can be 'icky'.  Fortunately, in
Tomcat 5 there is almost no need for one.  However, in Tomcat 4, there is
still a valid use case for them.

You can avoid messing with by explicitly
configuring your Authenticator like:
  <Context path="/myapp" docBase="myapp">
     <Valve className="com.myfirm.mypackage.MyAuthenticator" ... />

To check that your Authenticator has been called, the easiest is to simply
add some debugging logging statements.  It probably is being called from
your description.

Of course, these are all generic comments, since you haven't provided enough
info to attempt to guess what is wrong (other than the Authenticator isn't
setting the Principal :).

"Lawence" <> wrote in message
> Dear all,
> I wrote my own authenticator (extends FormAuthenticator) & realm (extends
JDBCRealm).  What I need is to check one more field in the database besides
password for authentication. Only minor modifications are made on the
original codes so I think it should be fine. What I also did include
changing the org/apache/catalina/startup/
> file to add the new authenticator; modifying the server.xml and web.xml
accordingly. Furthermore, I added the entries for my authenticator and realm
in the mbeans-descriptor.xml file.
> I expected everything to work perfectly but when I tried to access the
secured area, I got the following error:
> HTTP Status 500 - Configuration error: Cannot perform access control
without an authenticated principal
> ---------------------------------
> type Status report
> message Configuration error: Cannot perform access control without an
authenticated principal
> description The server encountered an internal error (Configuration error:
Cannot perform access control without an authenticated principal) that
prevented it from fulfilling this request.
> This error was triggered instantly. I mean I even did not have a chance to
see the login webpage. Now I have several questions:
> What is the flow of the authentication? Was my authenticator got executed
at all?
> Any suggestions would be greatly appreciated.
> ---------------------------------
> Do you Yahoo!?
> The New Yahoo! Shopping - with improved product search

View raw message