tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jan Vávra <>
Subject Re: Two auth methods for one application
Date Thu, 02 Feb 2012 16:05:11 GMT

> On 02/02/2012 15:00, Christopher Schultz wrote:
>> Jan,
>> On 2/2/12 6:26 AM, Jan Vávra wrote:
>>> Is it possible to configure tomcat to call both variants of
>>> functions? I'd like to write something like
>>> <auth-method>CLIENT-CERT or BASIC</auth-method>.
>> The servlet spec doesn't support anything like this. I think what
>> you'll have to do is write your own Authenticator. You can configure
>> your own Authenticator by registering a<Valve>  that is an
>> Authenticator in your webapp's<Context>. Just write your own code and
>> register it using<Valve>.
>> You can look at the documentation for, say, BasicAuthenticatorValve:
>> And you're going to want to extend AuthenticatorBase.
>> Tomcat has a "CombinedRealm" which allows authentication against one
>> of several sub-realms (like LDAP /or/ JDBC), but does not have a
>> CombinedAuthenticator, which might be a useful addition. If you come
>> up with something that works, consider donating it to the project.
> Jan, are you trying to achieve something like:
> ?

I'm trying to do SSL or Basic auth. This is slightly different: SSL or 
Form auth.
How I'm thinking about that basic vs. form auth should be the only one 
I'll explore this.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message