You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by Andrea Tomasini <an...@dsnet.it> on 2000/04/05 18:46:34 UTC

RE: Servlet 2.2 Custom Authentication???

> The current (experimental) security is implemented as an 
> interceptor, in
> the class 
> src.share.org.apache.tomcat.request.SecurityCheck.java. You can
> replace this class with your own interceptor, and configure 
> Tomcat to use
> it in the conf/server.xml file.

OK I have added an authMethod called "CUSTOM" with it's own wrapper...
inside the SecurityCheck.java I have compiled and run... 

How can I configure Tomcat to wrap around CUSTOM method?

Is right to do something like:

 <login-config>
      <auth-method>CUSTOM</auth-method>
      <realm-name>test</realm-name>
 </login-config>

 <security-constraint>
      <web-resource-collection>
         <web-resource-name>test</web-resource-name>
         <url-pattern>/test/*</url-pattern>
         <http-method>GET</http-method>
         <http-method>POST</http-method>
      </web-resource-collection>
 </security-constraint>

Of course I have not understand how to bind web-resource and authentication
method... Can ya help me?

Tnx
ANdreaT

Re: Servlet 2.2 Custom Authentication???

Posted by Costin Manolache <co...@eng.sun.com>.

:-)

Not so fast...


> OK I have added an authMethod called "CUSTOM" with it's own wrapper...
> inside the SecurityCheck.java I have compiled and run...

You can override the methods that check user/password and group, but to define
a CUSTOM method.... I never tried, let me know if you find a solution.

( I will have a bit more time after 3.1 - it shouldn't be very difficult )

Costin


>
> How can I configure Tomcat to wrap around CUSTOM method?
>
> Is right to do something like:
>
>  <login-config>
>       <auth-method>CUSTOM</auth-method>
>       <realm-name>test</realm-name>
>  </login-config>
>
>  <security-constraint>
>       <web-resource-collection>
>          <web-resource-name>test</web-resource-name>
>          <url-pattern>/test/*</url-pattern>
>          <http-method>GET</http-method>
>          <http-method>POST</http-method>
>       </web-resource-collection>
>  </security-constraint>
>
> Of course I have not understand how to bind web-resource and authentication
> method... Can ya help me?
>
> Tnx
> ANdreaT
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org