tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael-O <>
Subject Re: Tomcat Valve Custom args
Date Mon, 01 Apr 2013 13:10:14 GMT
Am 2013-04-01 14:28, schrieb N.s.Karthik:
> Hi
> Thx for the reply
> I know that Valves are invisible to the app......
> Reason :
> I have created a Customized valve as a separate jar  used for AAA
> interception of my APPS ,
> Since I cannot configure each and every application hosted on the Tomcat
> with filters  and hence created a Valve to apply this at Tomcat level
> I use the IWA (Integrated Window Authentication)  of IE / FFOx for Active
> directory AAA Authentication.
> On-sucessfull  AAA, in the valve  I need the variables such as
> username/domain name .... to be further  used with in each application
> Hence I need to know if any possibilities to fetch the variables  into each
> of the applications from the valves ...???

I hope that you have implemented AuthenticatorBase in Tomcat with your 
custom Authenticator. With that you can register a Principal object.

I have written a fully-featured SPNEGO/AD Realm package which uses a 
custom ActiveDirectoryPrincipal extends Principal. In that I have stored 
distinguished name, objectSid, etc (source code available).

First, make the Principal#getName return either the Kerberos UPN, or if 
you use NTLM (yuck) return the legacy login name.

If your need access to further attributes do in your app:

MyCustomPrincipal principal = (MyCustomPrincipal) request.getPrincipal();

...access attributes.

That is the way to go.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message