tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pid <...@pidster.com>
Subject Re: Two auth methods for one application
Date Thu, 02 Feb 2012 15:28:45 GMT
On 02/02/2012 15:00, Christopher Schultz wrote:
> Jan,
> 
> On 2/2/12 6:26 AM, Jan Vávra wrote:
>> Is it possible to configure tomcat to call both variants of
>> functions? I'd like to write something like
>> <auth-method>CLIENT-CERT or BASIC</auth-method>.
> 
> The servlet spec doesn't support anything like this. I think what
> you'll have to do is write your own Authenticator. You can configure
> your own Authenticator by registering a <Valve> that is an
> Authenticator in your webapp's <Context>. Just write your own code and
> register it using <Valve>.
> 
> You can look at the documentation for, say, BasicAuthenticatorValve:
> http://tomcat.apache.org/tomcat-6.0-doc/config/valve.html#Basic_Authenticator_Valve
> 
> And you're going to want to extend AuthenticatorBase.
> 
> Tomcat has a "CombinedRealm" which allows authentication against one
> of several sub-realms (like LDAP /or/ JDBC), but does not have a
> CombinedAuthenticator, which might be a useful addition. If you come
> up with something that works, consider donating it to the project.

Jan, are you trying to achieve something like:

 http://wiki.apache.org/tomcat/SSLWithFORMFallback

?


p

> -chris
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 

-- 

[key:62590808]


Mime
View raw message