tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Shapira, Yoav" <Yoav.Shap...@mpi.com>
Subject RE: Possible to Authenticate from Servlet/Webapp Code?
Date Tue, 07 Dec 2004 15:51:15 GMT

Hi,
The Spec-mandated, and therefore portable, approach is via the web.xml
declarative security.

The Tomcat-specific way would mean you navigate down the container
hierarchy, starting with ServerFactory.getServer, down to Service,
Engine, Host, to find your Realm object.  You could probably do this
once on your app startup, e.g. in a listener or filter init.

Yoav Shapira http://www.yoavshapira.com
 

>-----Original Message-----
>From: Sawlor.TM@forces.gc.ca [mailto:Sawlor.TM@forces.gc.ca]
>Sent: Tuesday, December 07, 2004 10:45 AM
>To: tomcat-user@jakarta.apache.org
>Subject: Possible to Authenticate from Servlet/Webapp Code?
>
>Question:
>---------
>Is there a way to authenticate a user to the container (including SSO)
from
>within a servlet? Something like:
>
>protected void service(HttpServletRequest req, HttpServletResponse
resp) {
>    Realm tomcatRealm = //how to get the realm???
>    tomcatRealm.authenticate("dauser", "dauserspassword");
>    ...
>}
>
>Other Info:
>-----------
>I know how to configure the custom login pages, etc., but I need a way
to
>authenticate in two places at once, due to a legacy application.
>
>It seems like this should be easy to do, so I expect I'm missing
something
>obvious, but I simply can't figure out how to do it. I've been
searching
>for
>a while...
>
>While standards-based would be better, a Tomcat-specific way would be
fine
>as well.
>
>--
>Tim Sawlor
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: tomcat-user-help@jakarta.apache.org




This e-mail, including any attachments, is a confidential business communication, and may
contain information that is confidential, proprietary and/or privileged.  This e-mail is intended
only for the individual(s) to whom it is addressed, and may not be saved, copied, printed,
disclosed or used by anyone else.  If you are not the(an) intended recipient, please immediately
delete this e-mail from your computer system and notify the sender.  Thank you.


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message