tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <>
Subject RE: Custom realm.authenticate() that would work with any realm - possible?
Date Thu, 01 Jan 1970 00:00:00 GMT
Hi Chuck,

Thanks for the pointer to the CombinedRealm, but, as I've been working with the test implementation
that I mentioned for extending the JNDIRealm, I *think* that I'm coming to the realization
that I was asking for is probably not possible, or at least not practical, unless I'm totally
missing something.

The reason I'm thinking this is that, for example, in the case where I'm extending the JNDIRealm,
in my custom JNDIRealm, I've had to make calls to the super.setXXXX() methods to set parameters
in the JNDIRealm class that I'm extending, in order for the calls that I then make to the
super class (e.g., super.getUser()) to work.

Again, I may be missing something, or doing things completely wrong, but if not, then that
means that if I was going to try go design my realm extender to support all of the normal
realm types, my code would get fairly complex, because it'd have to "know" all of the parameters
for all of the different realm types, in order to set the parameters in the super class. 
It was messy enough doing that for just one realm type (JNDIRealm), and for just calling two
methods in the super JNDIRealm class, but I imagine if I was trying to extend 5 or 6 realm
types, all in one piece of code, it'd be a real mess.

Anyway, if anyone has some insight into doing something like this, please post back.

Otherwise, I think the best approach is to implement one realm extension for each of the normal
Tomcat realms that we'll want to be able to support.

Thanks again,


---- "Caldarale wrote: 
> > From: [] 
> > Subject: Custom realm.authenticate() that would work with any realm - possible?
> > I was wondering if there might, perhaps, be another way to do what 
> > I'm trying to do (basically have an realm.authenticate() method that
> > doesn't require a password, but that would work with any realm? 
> Look at the CombinedRealm; you might be able to use your no-password realm in conjunction
with one of the others, since the doc says "Authentication against any Realm will be sufficient
to authenticate the user."  I don't know if that will get you the necessary roles established.
>  - Chuck
is thus for use only by the intended recipient. If you received this in error, please contact
the sender and delete the e-mail and its attachments from all computers.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message