tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: Webdav servlet authentication, authorization
Date Wed, 14 Nov 2007 17:17:19 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Gabor,

Gabor Szokoli wrote:
> On Nov 13, 2007 10:11 PM, Mark Thomas <markt@apache.org> wrote:
>> Gabor Szokoli wrote:
>>> My vague idea is to use a servlet filter to do the authentication,
>>> which could doctor the request URL path or parameters to include the
>>> authorization details.
>> That sounds plausible.
> 
> Thank you, we'll give it a try then.

Might I suggest taking a look at securityfilter
(http://securityfilter.sourceforge.net). Using that as a jumping-off
point could significantly reduce the amount of work you need to do.

Use of the FlexibleRealmInterface (which is poorly documented at this
point, but there's not much code in the entire project) gives you access
to the HttpServletRequest directly, so you can query anything you want
from LDAP and stuff it into request parameters -- potentially for a
second filter to pick up and modify the request.

Just a thought.

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHOy2f9CaO5/Lv0PARAjBtAJ98p12kS1gySK7k0fBYSbUxdFVvCwCfZSra
XryP6Tg40u5r6dLI8JDMpyA=
=7ZSP
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message