Form based authentication and sessions

[Carl Maib <ca...@mfells.com>]

hello all,
i am having trouble getting form based authentication working the way i would like. as suggested by several threads in this group, i am trying to override the authenticate of the FormAuthenticator so that i can set session data appropriately.

the problem i am having is that i am unable to get this to build and link as described in the examples. a quick summary of what i am trying to do can be found at http://tomcat.mslinn.com/tomcat/realms.html (see bottom of the page for tomcat 4.x).

i believe my problem is that i am not quite sure how to best link into use tomcat's native classes. i am not even sure if this is allowed, given the tomcat4 docs indicate catalina.jar classes are invisible to web apps, as mentioned below. 

Catalina - This class loader is initialized to include all classes and resources required to implement Tomcat 4 itself. These classes and resources are TOTALLY invisible to web applications. All unpacked classes and resources in $CATALINA_HOME/server/classes, as well as classes and resources in JAR files under $CATALINA_HOME/server/lib, are made visible through this class loader. 

so, if they are invisible to webapps, are you not suppose to use them? if allowed, how can you get to them?

can someone point me in the right direction, as far as how best to get rid of compile time errors (e.g. unknown symbol HttpRequest) and runtime errors which include class loader exceptions for FormAuthenticator (tomcat class).

any help would be greatly appreciated!

thanks...