tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: Authenticating Users
Date Mon, 23 Feb 2009 01:43:36 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Alan,

On 2/22/2009 4:47 PM, Alan Chaney wrote:
> From my point of view, as I don't use hashed passwords at the moment the
> easiest thing to do is to modify the DataSourceRealm as suggested by
> Mark Thomas. However, I think that the ability to extend the login
> system to use either a user name or an email address would probably be
> useful for other people.

I think it might be easier than you think.

Here's the code for DataSourceRealm's SQL query builder for the
"credential selection" (TC 6.0.16):

        // Create the credentials PreparedStatement string
        temp = new StringBuffer("SELECT ");
        temp.append(userCredCol);
        temp.append(" FROM ");
        temp.append(userTable);
        temp.append(" WHERE ");
        temp.append(userNameCol);
        temp.append(" = ?");
        preparedCredentials = temp.toString();

All you need to do is hack the start() method (which builds the SQL
queries) plus the credentials() method and you should be good to go. You
could create a relatively inelegant system of <Realm> attributes that
would build a more complex query, or you could just hack the realm and
be done with it.

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkmh/0gACgkQ9CaO5/Lv0PAYVQCgvDo9FpFQd4zxgmuG66zqNe1y
MlUAn3MmLx8Bb4LScyhXPpfIspcCKygu
=8PUl
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message