tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From manuel aldana <ald...@gmx.de>
Subject Re: running auth-methods DIGEST + BASIC in parallel
Date Tue, 25 Sep 2012 10:36:22 GMT
On 09/24/2012 08:45 PM, Christopher Schultz wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Manuel,
>
> On 9/24/12 2:00 PM, manuel aldana wrote:
>> Am 24.09.12 18:51, schrieb Christopher Schultz:
>>> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
>>>
>>> Manuel,
>>>
>>> 2. Write a custom Authenticator Valve
>>>
>>> If you want to use Tomcat's container-managed authentication,
>>> then you cannot do this with Filters, so it's going to be a
>>> Tomcat-specific solution.
>>>
>>> If you are going to roll your own authentication solution
>>> yourself, you might want to consider using code from
>>> SecurityFilter (http://securityfilter.sourceforge.net/).
>>
>> Thanks I will have a look. As I use spring another alternative is
>> to skip the servlet specification digest/basic auth, but refer to
>> spring security. With spring it possible to hook into Filters and
>> create support for both auth-schemes.
>
> Spring is definitely the way to go, here.

Confirmed, works good. Spring security is designed to chain several 
auth-methods, so no hack needed.

[...]


-- 
  manuel aldana
  mail: aldana@gmx.de | manuel@aldana-online.de
  blog: www.aldana-online.de

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message