tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sawlor...@forces.gc.ca
Subject RE: Possible to Authenticate from Servlet/Webapp Code?
Date Wed, 08 Dec 2004 19:11:50 GMT
Thanks for the info Yoav; however, I've tried what you suggested, and
everything I can think of myself, and no luck.

I don't know of anything in the declarative security that would help with
this. Most of my apps use the standard for security, but there's one app
that uses it's own login from a database. I created my own Realm that uses
its table structure, thinking that in the login of this app, I could simply
get a reference to the Realm, pass the credentials to it and bingo, I'm
authenticated in both. 

I have tried:
1. Navigating the tomcat class hierarchy: problem is with class loaders.
When I'm in the webapp and I do ServerFactory.getServer(), there are no
services configured (ie ServerFactory.getServer().findServices() returns an
empty array.
2. Placing my custom Realm in the common/lib, so it would be available to
all classes. Then the catalina classes (which I extend, particularly
JdbcRealm) aren't visible causing ClassNotFoundExceptions on startup.
There's no way to break out of these dependencies that I can see.
3. Binding the Realm into JNDI from within the Realm constructor. Doesn't
seem to work, getting javax.naming.NameNotFoundException: Name java:comp is
not bound in this Context. Because the Realm is created first off, I don't
think the JNDI contexts are set up. 

Is there some way I could do it through the MBeans maybe? 

Any other ideas, or even explanations of why I'm bone-headed are
appreciated! :) 

Thanks in advance,
Tim Sawlor


-----Original Message-----
From: Shapira, Yoav [mailto:Yoav.Shapira@mpi.com]
Sent: Tuesday, 7, December, 2004 11:51 AM
To: Tomcat Users List
Subject: RE: Possible to Authenticate from Servlet/Webapp Code?



Hi,
The Spec-mandated, and therefore portable, approach is via the web.xml
declarative security.

The Tomcat-specific way would mean you navigate down the container
hierarchy, starting with ServerFactory.getServer, down to Service,
Engine, Host, to find your Realm object.  You could probably do this
once on your app startup, e.g. in a listener or filter init.

Yoav Shapira http://www.yoavshapira.com


>-----Original Message-----
>From: Sawlor.TM@forces.gc.ca [mailto:Sawlor.TM@forces.gc.ca]
>Sent: Tuesday, December 07, 2004 10:45 AM
>To: tomcat-user@jakarta.apache.org
>Subject: Possible to Authenticate from Servlet/Webapp Code?
>
>Question:
>---------
>Is there a way to authenticate a user to the container (including SSO)
from
>within a servlet? Something like:
>
>protected void service(HttpServletRequest req, HttpServletResponse
resp) {
>    Realm tomcatRealm = //how to get the realm???
>    tomcatRealm.authenticate("dauser", "dauserspassword");
>    ...
>}
>
>Other Info:
>-----------
>I know how to configure the custom login pages, etc., but I need a way
to
>authenticate in two places at once, due to a legacy application.
>
>It seems like this should be easy to do, so I expect I'm missing
something
>obvious, but I simply can't figure out how to do it. I've been
searching
>for
>a while...
>
>While standards-based would be better, a Tomcat-specific way would be
fine
>as well.
>
>--
>Tim Sawlor
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: tomcat-user-help@jakarta.apache.org




This e-mail, including any attachments, is a confidential business
communication, and may contain information that is confidential, proprietary
and/or privileged.  This e-mail is intended only for the individual(s) to
whom it is addressed, and may not be saved, copied, printed, disclosed or
used by anyone else.  If you are not the(an) intended recipient, please
immediately delete this e-mail from your computer system and notify the
sender.  Thank you.

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message