tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alex Jalali" <a...@ubudesign.com>
Subject Adding a Customized authenticator
Date Sat, 25 Feb 2006 21:00:35 GMT
Hello,

I would like to extend the DigestAuthenticator class or BaseAuthenticator
and use that instead of the tomcat default. I have done that but I don't
know how to have it referenced in web.xml under security-constraint. Or
maybe in server.xml similar to the way you can create a customized Ream and
have it referenced in the server.xml as your custom realm.

Is there a <class-name> element I can add perhaps under security-constraint
element?
I like to add something like this to let tomcat know that it should use this
for authentication instead..

???
<authenticator>
	<class-name>com.xxx.MyAuthenticator</class-name>
</authenticator>
???


I have this in my web.xml. 


 <security-constraint>
    <web-resource-collection>
      <web-resource-name>MyFooRealm</web-resource-name>
      <description>xxx</description>
      <url-pattern>/*</url-pattern>
     <http-method>GET</http-method> 
     <http-method>OPTIONS</http-method> 
	 <http-method>POST</http-method>
	 <http-method>PUT</http-method>
	 <http-method>HEAD</http-method>
	 <http-method>PROPFIND</http-method>
	 <http-method>PROPPATCH</http-method>
	 <http-method>MKCOL</http-method>
	 <http-method>COPY</http-method>
	 <http-method>MOVE</http-method>
	 <http-method>DELETE</http-method>
	 <http-method>LOCK</http-method>
	 <http-method>UNLOCK</http-method>
    </web-resource-collection>
    <auth-constraint>
      <description>xxx</description>
      <role-name>xxx</role-name>
    </auth-constraint>
    <user-data-constraint>
      <transport-guarantee>NONE</transport-guarantee>
    </user-data-constraint> 
  </security-constraint>
  <login-config>
    <auth-method>DIGEST</auth-method>
	<realm-name>Server Realm</realm-name>
  </login-config>

  <security-role>
    <description>Authorized  Users Group</description>
    <role-name>xxx</role-name>
  </security-role>





Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message