You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by Tony Dahbura <to...@dahbura.com> on 2003/02/02 21:56:01 UTC
help for a realm author
Team:
When tomcat is configured to support client side certificates for
authentication-what method does it call in a realm package?
For instance for form and uid/password authentication it calls the
method
public Principal authenticate(String username, String credentials)
For a certificate based access model is there another method tomcat will
call in the realm module? I am trying to add certificate support to my
realm module and do not see much info on this?
I would assume that Tomcat would support calling into a realm module
when client side certificates are enabled or is this handled differently
and outside of the domain of realm modules-please elaborate if so?
I may start the document on how to build realm modules as it has been
marked as a fixme for quite some time if the group thinks this would be
helpful.
Thanks for the assist on the above,
Tony
Re: help for a realm author
Posted by Tony Dahbura <to...@dahbura.com>.
Thanks! That was the info I was looking for.
Tony
"Craig R. McClanahan" wrote:
> On Sun, 2 Feb 2003, Tony Dahbura wrote:
>
> > Date: Sun, 02 Feb 2003 15:56:01 -0500
> > From: Tony Dahbura <to...@dahbura.com>
> > Reply-To: Tomcat Developers List <to...@jakarta.apache.org>
> > To: Tomcat Developers List <to...@jakarta.apache.org>
> > Subject: help for a realm author
> >
> > Team:
> > When tomcat is configured to support client side certificates for
> > authentication-what method does it call in a realm package?
> >
>
> Have a look at the authenticate() method in
> org.apache.catalina.authenticator.SSLAuthenticator, and you'll see that
> Tomcat calls the Realm.authenticate() method that takes a certificate
> chain as an argument. If your Realm implementation subclasses RealmBase
> and you don't override it, the version of this method in
> org.apache.catalina.realm.RealmBase will get executed.
>
> > For instance for form and uid/password authentication it calls the
> > method
> > public Principal authenticate(String username, String credentials)
> >
> > For a certificate based access model is there another method tomcat will
> > call in the realm module? I am trying to add certificate support to my
> > realm module and do not see much info on this?
> >
> > I would assume that Tomcat would support calling into a realm module
> > when client side certificates are enabled or is this handled differently
> > and outside of the domain of realm modules-please elaborate if so?
> >
>
> Note that none of the above actually happens unless the user tries to
> access a webapp resource that is protected by a security constraint.
>
> > I may start the document on how to build realm modules as it has been
> > marked as a fixme for quite some time if the group thinks this would be
> > helpful.
> >
>
> That would be a very useful document.
>
> > Thanks for the assist on the above,
> > Tony
> >
>
> Craig
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
Re: help for a realm author
Posted by "Craig R. McClanahan" <cr...@apache.org>.
On Sun, 2 Feb 2003, Tony Dahbura wrote:
> Date: Sun, 02 Feb 2003 15:56:01 -0500
> From: Tony Dahbura <to...@dahbura.com>
> Reply-To: Tomcat Developers List <to...@jakarta.apache.org>
> To: Tomcat Developers List <to...@jakarta.apache.org>
> Subject: help for a realm author
>
> Team:
> When tomcat is configured to support client side certificates for
> authentication-what method does it call in a realm package?
>
Have a look at the authenticate() method in
org.apache.catalina.authenticator.SSLAuthenticator, and you'll see that
Tomcat calls the Realm.authenticate() method that takes a certificate
chain as an argument. If your Realm implementation subclasses RealmBase
and you don't override it, the version of this method in
org.apache.catalina.realm.RealmBase will get executed.
> For instance for form and uid/password authentication it calls the
> method
> public Principal authenticate(String username, String credentials)
>
> For a certificate based access model is there another method tomcat will
> call in the realm module? I am trying to add certificate support to my
> realm module and do not see much info on this?
>
> I would assume that Tomcat would support calling into a realm module
> when client side certificates are enabled or is this handled differently
> and outside of the domain of realm modules-please elaborate if so?
>
Note that none of the above actually happens unless the user tries to
access a webapp resource that is protected by a security constraint.
> I may start the document on how to build realm modules as it has been
> marked as a fixme for quite some time if the group thinks this would be
> helpful.
>
That would be a very useful document.
> Thanks for the assist on the above,
> Tony
>
Craig
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
Re: help for a realm author
Posted by BaTien Duong <ba...@dbgroups.com>.
I am wondering if anybody has attempted to write and test a LdapLoginModule
(factored from JNDIRealm) to work with JAASRealm? Where can I find
configuration properties and example for JAASRealm in tomcat server.xml?
Thanks.
BaTien
----- Original Message -----
From: "Tony Dahbura" <to...@dahbura.com>
To: "Tomcat Developers List" <to...@jakarta.apache.org>
Sent: Sunday, February 02, 2003 1:56 PM
Subject: help for a realm author
> Team:
> When tomcat is configured to support client side certificates for
> authentication-what method does it call in a realm package?
>
> For instance for form and uid/password authentication it calls the
> method
> public Principal authenticate(String username, String credentials)
>
> For a certificate based access model is there another method tomcat will
> call in the realm module? I am trying to add certificate support to my
> realm module and do not see much info on this?
>
> I would assume that Tomcat would support calling into a realm module
> when client side certificates are enabled or is this handled differently
> and outside of the domain of realm modules-please elaborate if so?
>
> I may start the document on how to build realm modules as it has been
> marked as a fixme for quite some time if the group thinks this would be
> helpful.
>
> Thanks for the assist on the above,
> Tony
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org