tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Barker" <>
Subject Re: Seamless Container Authentication
Date Thu, 22 Dec 2005 04:15:30 GMT
Assuming that your Realm is really an o.a.c.Realm, then all you need is to 
write an Authenticator to work with your Realm.  Something like:
   public class MyAuthenticator extends 
org.apache.catalina.authenticator.AuthenticatorBase {
      public boolean authenticate(Request request, Response response 
LoginConfig config)
         throws IOException {
            MyRealm realm = (MyRealm)context.getRealm();
            Principal principal = realm.authenticate(request);
            if(principal == null) {
                 response.sendError(401, "Not Authorized");
                 return false;
           return true;

Package it in a jar in server/lib, and then in your context.xml do something 
          <Valve className="com.myfirm.mypackage.MyAuthenticator" />
          <Realm className="com.myfirm.mypackage.MyRealm" />

"Kenny, Robert" <> wrote in message
Our users don't currently logon to our Tomcat servers directly; they are
redirected to the Tomcat servers with their encrypted credentials (a
security token). Our Tomcat Database Realm then seamlessly
re-authenticates the user on the Tomcat server.

We currently don't use Tomcat's container management for this but would
like to but we need a way to logon to a Tomcat server instance
seamlessly using the security credentials provided on the URL. We
currently call servlets that then call the Database Realm directly.

Is there a way to configure Tomcat so that when a protected resource is
accessed it will attempt to authenticate the user to the container from
the remote/custom Security Credentials in the URL before prompting the
user for their Security Credentials ('j_security_check' logon page)?



To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message