tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrei Tchijov <and...@tchijov.com>
Subject Re: Is it possible to introduce new authentication method without modifying tomcat?
Date Fri, 08 Jun 2007 02:53:22 GMT
Bill,
	Tomcat will use my authenticator regardless of  "login-config/auth- 
method" setting? If it is the case, how my Authenticator can figure- 
out what auth-method was configured (normally my authentication  
method will be used in-addition to what ever standard method has been  
used)?
	Thanks,

Andrei

On Jun 7, 2007, at 9:51 PM, Bill Barker wrote:

>
> "Andrei Tchijov" <andrei@tchijov.com> wrote in message
> news:96E0DEA3-0DFB-4AAC-B0B6-2A16D5896CB0@tchijov.com...
>> I understand. My problem it twofold. In order to make an   
>> authentication
>> decision ...
>> - I need to have an access to some information from HTTP Request,
>> - I need to be able build HTTP Response (basically, I need to be   
>> able to
>> issue challenge in response to authentication request).
>> As I stated in my original post, I think that right place to put this
>> kind of functionality is authenticator. My original question was,  
>> if  it
>> is possible to register new Authenticator without re-compiling   
>> Tomcat.
>>
>>
>
> Yes, it is possible.  You just create your own Authenticator class  
> (probably
> extending Tomcat's AuthenticatorBase and implementing the authenticate
> method).  Then you do:
>    <Context ......>
>        <Valve className="com.myfirm.mypackage.MyAuthenticator" .... />
>         ....
>    </Context>
> This will cause Tomcat to use your Authenticator instead of one of  
> it's own.
>
>> On Jun 7, 2007, at 5:06 PM, Caldarale, Charles R wrote:
>>
>>>> From: Andrei Tchijov [mailto:andrei@tchijov.com]
>>>> Subject: Re: Is it possible to introduce new authentication
>>>> method without modifying tomcat?
>>>>
>>>> I was just commenting that I can not see how JAASRealm
>>>> (or any Realm for that matter) can help me
>>>
>>> Specifying JAASRealm as the <Realm> gives you the opportunity to
>>> implement your own LoginModule.  Such a LoginModule can utilize any
>>> number of authentication mechanisms - all under your control.
>>>
>>>  - Chuck
>>>
>>>
>>> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE   
>>> PROPRIETARY
>>> MATERIAL and is thus for use only by the intended recipient. If you
>>> received this in error, please contact the sender and delete the  
>>> e- mail
>>> and its attachments from all computers.
>>>
>>> -------------------------------------------------------------------- 
>>> -
>>> To start a new topic, e-mail: users@tomcat.apache.org
>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>
>>
>>
>> ---------------------------------------------------------------------
>> To start a new topic, e-mail: users@tomcat.apache.org
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>
>
>
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message