tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Juanjo C <jjcuadr...@gmail.com>
Subject Re: Custom realm.authenticate() that would work with any realm - possible?
Date Wed, 14 Dec 2011 23:51:54 GMT
Hi,
I'm sure that the response can't be so simple. Surely my English don't
allows me understand the cuestion.

I don't know why you want do it, but if you want realy to do an login
without password, you can use Jaas.

It's a bit complicated explain it here, but if you be able to read Spanish
you can try here
http://finger-in-the-eye.blogspot.com/2011/09/modulo-de-login-personalizado-para.html?m=1

Bye
El 09/12/2011 04:19, <ohaya@cox.net> escribió:

> Hi,
>
> This is a followup to an earlier thread, "Do any of the Tomcat LDAP-type
> realms support "no password" authentication?".
>
> As I mentioned in that earlier thread, I'm still new to Tomcat, and still
> trying to find my way around, and understand (somewhat) its security
> design, so apologies in advance if my terminology is incorrect.
>
> Ok.
>
> I've been experimenting with writing what I think is called a custom
> realm, that would have a "no password" authenticate() method.
>
> What I think that I've been able to do is to implement a new realm where
> all I do in my code is override the uthenticate(Context, string, string)
> method.
>
> For my initial attempt, I'm just extending the JNDIRealm, and just
> overriding that one method, and I think that this works.
>
> However, ideally, I really want to be able to do this (override the
> authenticate() method with any of the default realms that come with Tomcat,
> whereas with the approach that I'm currently working (extending the
> JNDIRealm), in order to do this for all the different realm types, I'd have
> to implement something similar, with a custom realm corresponding to each
> of the out-of-box
> Tomcat realm types.
>
> That might be ok, but I was wondering if there might, perhaps, be another
> way to do what I'm trying to do (basically have an realm.authenticate()
> method that doesn't require a password, but that would work with any realm?
>
> Thanks,
> Jim
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message