tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "zhu quanxin" <zhuquan...@gmail.com>
Subject Re: Programmic login to tomcat using username and password
Date Thu, 06 Sep 2007 05:31:13 GMT
Hi, Dave

    I am looking for tomcat API for doing programmic login. I read the
source code of org.apache.catalina.authenticator.SingleSignOn, and
find that it contains a method called reauthenticate maybe helpful.

protected boolean reauthenticate(String ssoId, Realm realm,
                                     Request request) {

        if (ssoId == null || realm == null)
            return false;

        boolean reauthenticated = false;

        SingleSignOnEntry entry = lookup(ssoId);
        if (entry != null && entry.getCanReauthenticate()) {

            String username = entry.getUsername();
            if (username != null) {
                Principal reauthPrincipal =
                        realm.authenticate(username,
entry.getPassword());
                if (reauthPrincipal != null) {
                    reauthenticated = true;
                    // Bind the authorization credentials to the request
                    request.setAuthType(entry.getAuthType());
                    request.setUserPrincipal(reauthPrincipal);
                }
            }
        }

        return reauthenticated;
    }

but when I use those code in my application(for example a servlet), it
could not work. I think I could not get the instance of realm in
tomcat server.


do you have a better idea about programmic login, and how to write it?

Thanks a lot~
zhu quanxin



2007/9/6, Dave <javaone9@yahoo.com>:
> I think this feature is very basic. Everything should have a programmatic way.
>
> zhu quanxin <zhuquanxin@gmail.com> wrote:  hi,David,
>
> My aim is that tomcat could authenticate users without promoting
> any login form. I give out the userID and password in the servlet
> code. when users navagate the servlet page, they would login to tomcat
> as that userID identity.
>
>
>
> Thanks a lot!
> Zhu quanxin
>
>
>
> 2007/9/6, David Delbecq :
> > Hi,
> >
> > Am not sure to understand what you want to do. You want to login user
> > without requiring it, ever, to authenticate? That seems to me quite
> > paradoxal. Maybe you should explain a bit more what you try to achieve...
> >
> > 朱全鑫 a écrit :
> > > Hi,
> > >
> > > I have already enabled the SSO function in server.xml. It could be
> > > promoted the challenge once when I visit the first webapp and without
> > > login to all the webapps in the host. But I do not want any login form
> > > promoted to users. So my point is, how do I write code in a jsp or
> > > servlet to auto login to the first webapp without the login-form
> > > promoted to users.
> > > For example, in websphere application server, the following code
> > > could be auto login to the server, If we give the right username and
> > > password pair.
> > >
> > > code begin
> > > ------------------
> > > LoginContext lc = null;
> > >
> > > try {
> > > lc = new LoginContext("WSLogin",
> > > new WSCallbackHandlerImpl("userName", "password"));
> > > } catch (LoginException le) {
> > > System.out.println("Cannot create LoginContext. " + le.getMessage());
> > > // Insert the error processing code
> > > } catch(SecurityException se) {
> > > System.out.println("Cannot create LoginContext." + se.getMessage());
> > > // Insert the error processing code
> > > }
> > >
> > > try {
> > > lc.login();
> > > } catch (LoginException le) {
> > > System.out.println("Fails to create Subject. " + le.getMessage());
> > > // Insert the error processing code
> > > ----------------
> > > code end
> > >
> > > I do not know if tomcat provide some APIs like the above, and we
> > > could use the API to programmic login to the tomcat server. and where
> > > to find the instruction to use the API?
> > >
> > >
> > > Many Thanks!
> > > Zhu quanxin
> > >
> > >
> > >
> > > 2007/9/5, David Delbecq :
> > >
> > >> http://tomcat.apache.org/tomcat-5.5-doc/config/host.html
> > >>
> > >> See section about single-sign. This share credential between webapps.
> > >>
> > >> Note: it's not a "programamtic". It just let all your application share
> > >> a same authentification token. Once you authenticate using J2EE
> > >> compliant method in application X, it's not necessary to login into
> > >> other application Y on same host that is also using J2EE compliant
> > >> authentification mecanism.
> > >>
> > >> En l'instant précis du 05/09/07 16:51, 朱全鑫 s'exprimait en ces termes:
> > >>
> > >>> hi, everyone
> > >>>
> > >>> I meet a problem about programmic login. I setup a tomcat server,
> > >>> and deploy two WAR files (applications) on it. One of the application
> > >>> A is protected by server authentication, and the other application
B
> > >>> is not. I want to setup a scenario : when user navigates the
> > >>> application B, he could programmic login to tomcat using username and
> > >>> password that is coded in the application of B, and then he
> > >>> navigates the application A in the same browser, he never needs to
> > >>> response the challenge promoted by application A.
> > >>>
> > >>> I would very appreciate if someone could help me.
> > >>>
> > >>> Thanks
> > >>>
> > >>> Zhu Quanxin
> > >>>
> > >>> ---------------------------------------------------------------------
> > >>> To start a new topic, e-mail: users@tomcat.apache.org
> > >>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > >>> For additional commands, e-mail: users-help@tomcat.apache.org
> > >>>
> > >>>
> > >> --
> > >> http://www.noooxml.org/
> > >>
> > >>
> > >> ---------------------------------------------------------------------
> > >> To start a new topic, e-mail: users@tomcat.apache.org
> > >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > >> For additional commands, e-mail: users-help@tomcat.apache.org
> > >>
> > >>
> > >>
> >
> > ---------------------------------------------------------------------
> > To start a new topic, e-mail: users@tomcat.apache.org
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: users-help@tomcat.apache.org
> >
> >
>
>
> --
> 致
> 礼!
>
> 朱全鑫
>
>
>
> ---------------------------------
> Be a better Globetrotter. Get better travel answers from someone who knows.
> Yahoo! Answers - Check it out.


-- 
                       致
礼!

                                   朱全鑫
Mime
View raw message