tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject Re: Is it possible to introduce new authentication method without modifying tomcat?
Date Thu, 07 Jun 2007 16:47:32 GMT
Andrei Tchijov wrote:
> Hi,
>     I want to be able to add my own authentication method 
> (login-config/auth-method) as one of possible choices.  Is it possible 
> to do so without re-compiling tomcat?  Ideally, I would love to be able 
> to achieve my goal by changing server.xml file (and adding some jars 
> with my custom code to tomcat).
> Before any one suggested that I should write custom Realm: I think it 
> will not work for me. My authentication method require access to ALL 
> information available from HTTP Request (not just user name/password) 
> also in some situations, access to HTTP Response is required as well. It 
> looks like this method:
>     protected abstract boolean authenticate(Request request,Response 
> response,LoginConfig config) throws IOException;
> or AuthenticatorBase class is the best place to be.
> Your comments will be highly appreciated,

Have you looked into using a JAASRealm?


> Andrei Tchijov
> ---------------------------------------------------------------------
> To start a new topic, e-mail:
> To unsubscribe, e-mail:
> For additional commands, e-mail:

View raw message