You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by Andrea Tomasini <an...@dsnet.it> on 2000/04/05 18:46:34 UTC
RE: Servlet 2.2 Custom Authentication???
> The current (experimental) security is implemented as an
> interceptor, in
> the class
> src.share.org.apache.tomcat.request.SecurityCheck.java. You can
> replace this class with your own interceptor, and configure
> Tomcat to use
> it in the conf/server.xml file.
OK I have added an authMethod called "CUSTOM" with it's own wrapper...
inside the SecurityCheck.java I have compiled and run...
How can I configure Tomcat to wrap around CUSTOM method?
Is right to do something like:
<login-config>
<auth-method>CUSTOM</auth-method>
<realm-name>test</realm-name>
</login-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>test</web-resource-name>
<url-pattern>/test/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
</security-constraint>
Of course I have not understand how to bind web-resource and authentication
method... Can ya help me?
Tnx
ANdreaT
Re: Servlet 2.2 Custom Authentication???
Posted by Costin Manolache <co...@eng.sun.com>.
:-)
Not so fast...
> OK I have added an authMethod called "CUSTOM" with it's own wrapper...
> inside the SecurityCheck.java I have compiled and run...
You can override the methods that check user/password and group, but to define
a CUSTOM method.... I never tried, let me know if you find a solution.
( I will have a bit more time after 3.1 - it shouldn't be very difficult )
Costin
>
> How can I configure Tomcat to wrap around CUSTOM method?
>
> Is right to do something like:
>
> <login-config>
> <auth-method>CUSTOM</auth-method>
> <realm-name>test</realm-name>
> </login-config>
>
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>test</web-resource-name>
> <url-pattern>/test/*</url-pattern>
> <http-method>GET</http-method>
> <http-method>POST</http-method>
> </web-resource-collection>
> </security-constraint>
>
> Of course I have not understand how to bind web-resource and authentication
> method... Can ya help me?
>
> Tnx
> ANdreaT
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org