tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier (tomcat) ...@ice-sa.com>
Subject Re: Multiple authentication methods? Fallback from keycloak saml to basic/form auth?
Date Wed, 23 Aug 2017 20:43:26 GMT
On 23.08.2017 16:51, ken edward wrote:
> Hello,
>
> I have tomcat value for authentication implemented and working
> (keycloak saml tomcat adapter). but how can I implement a fallback to
> form/basic authentication? Can I chain auth valves?
>

Not really my area, but since nobody else seems to respond, I'll tell you what I believe :

 From the Valve documentation (at 
http://tomcat.apache.org/tomcat-8.0-doc/config/valve.html) I see nothing that would 
indicate that Valves cannot be chained.
In fact, it is rather the opposite, implicitly : some of the listed Valves would not make

sense if they did not allow another Valve to be inserted also (such as the AccessLog Valve).

But I also do not see any explicit mention of what happens when several Valves are defined

in the same "configuration scope" (such as : in what order are they "executed", compared 
to the order in which they are listed in the configuration), which may be of importance to

you. (Obviously, you'd want a Form/Basic auth to be invoked only if your other Valve fails

first, and not before your own Valve).




---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message