tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrei Tchijov <and...@tchijov.com>
Subject Re: Is it possible to introduce new authentication method without modifying tomcat?
Date Thu, 07 Jun 2007 16:13:26 GMT
sZabi,
	Thnkx for response. I am actually already using similar approach.   
It is easy to implement, but it has one problem (from my point of  
view). It is not very "user friendly".  It is much easier to explain  
to end user that if he/she is using "FORM" as authentication method,  
all he/she need to do to start use my authentication IN ADDITION to  
FORM is replace "FORM" with "ACME-FORM" in web.xml file. I would love  
to register  one "ACME-xxx" authenticator for each of standard ones  
so it does my special authentication + what ever standard one is doing.
	Thnkx again,

Andrei Tchijov



On Jun 7, 2007, at 12:01 PM, Szabolcs Márton wrote:

> Hi!
>
> its an options, i use sometime.
> Create a filter.
>
> a class likes this.
> public class AuthenticationFilter implements Filter {
>
> 	private static Logger log = Logger.getLogger 
> (AuthenticationFilter.class);
>
> 	public void doFilter(ServletRequest request, ServletResponse
> response, FilterChain chain)
> 			throws IOException, ServletException {
>
> ....
>
> add in web.xml this:
>
> 	<filter>
> 		<filter-name>myAuthfilter</filter-name>
> 		<filter-class>
> 			poker.web.filters.AuthenticationFilter
> 		</filter-class>
> 		<init-param>
> 			<param-name>LoginURL</param-name>
> 			<param-value>/login</param-value>
> 		</init-param>
>
> 		<init-param>
> 			<param-name>DeniedURL</param-name>
> 			<param-value>/denied.jsp</param-value>
> 		</init-param>
> 		
> 	</filter>
>
> 	<filter-mapping>
> 		<filter-name>myAuthfilter</filter-name>
> 		<url-pattern>/*</url-pattern>
> 	</filter-mapping>
>
>
> you can map a filter to an url-pattern, in this example everything.
> in the filter you have the request and response as well.
> you could create a response here, so its not get called the servlet,
> or anything you called, because the filter dont let.
> Or you can say to the filter to countine the processing,  (when  
> authenticated)
>
> read about this on google for details.
>
> i like this because its so simple, and so fast.
>
> regards,
> sZabi
>
>
>
>
>
> 2007/6/7, Andrei Tchijov <andrei@tchijov.com>:
>> Hi,
>>         I want to be able to add my own authentication method  
>> (login-config/
>> auth-method) as one of possible choices.  Is it possible to do so
>> without re-compiling tomcat?  Ideally, I would love to be able to
>> achieve my goal by changing server.xml file (and adding some jars
>> with my custom code to tomcat).
>>
>> Before any one suggested that I should write custom Realm: I think it
>> will not work for me. My authentication method require access to ALL
>> information available from HTTP Request (not just user name/password)
>> also in some situations, access to HTTP Response is required as well.
>> It looks like this method:
>>
>>         protected abstract boolean authenticate(Request  
>> request,Response
>> response,LoginConfig config) throws IOException;
>>
>> or AuthenticatorBase class is the best place to be.
>>
>>
>> Your comments will be highly appreciated,
>>
>> Andrei Tchijov
>>
>>
>>
>> ---------------------------------------------------------------------
>> To start a new topic, e-mail: users@tomcat.apache.org
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message