tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Komáromi, Zoltán <komaromi.zol...@horticosoft.hu>
Subject Re: tomcat security authenticator
Date Thu, 28 Jun 2012 08:08:01 GMT
1. Why not a Realm?
Because the authentication depends on session attribute, and I want to
bypass the form if user is logged in.

So is this correct?

<Valve className="hu.kozo.security.MyFormAuthenticator" />

The tomcat's doc says, that "Java class name of the implementation to
use. This MUST be set to
org.apache.catalina.authenticator.FormAuthenticator."

Tnaks for help.

2012/6/28 Konstantin Kolinko <knst.kolinko@gmail.com>:
> 2012/6/28 Komáromi, Zoltán <komaromi.zoltan@horticosoft.hu>:
>> Hi,
>>
>> I need to use custom authenticator, because a part of application is
>> using container authentication, and unfortunately the usersernames in
>> realm conflicts with usernames in application database. :(
>>
>> So I need, that if anibody is logged in to my application, then the
>> authenticator automatically authorizes when needed.
>>
>> I think, if I replace the FormAuthenticator with an descendant, it'll
>> solve the problem.
>>
>> To extend FormAuthenticator is simple, but how can I make Tomcat to use it?
>>
>
> 1) Why not a Realm?
> 2) An Authenticator is a Valve and is configured like any other valve.
> If one is present, Tomcat will not configure its own.
>
> Best regards,
> Konstantin Kolinko
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message