You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Tim McLaughlin <ti...@macwebb.com> on 2002/07/30 01:00:17 UTC
Custom org.apache.catalina.authenticator
Hello,
The Question:
How do I specify a class other than
org.catalina.authenticator.BasicAuthenticator to handle Basic
authentication?
Background:
I have created a modification of
org.apache.catalina.authenticator.AuthenticatorBase, called
PerContextAuthenticatorBase, and have the accompanying BasicAuthenticator
class (PerContextBasicAuthenticator) that extends my new Base. I would like
to use it rather than BasicAuthenticator. I cannot seem to find where to do
that.
I am trying to set up a system where I can assign management of a particular
Web application to a specific user or group. For this purpose I have made
my own version of the HTMLManagerServlet, called
HTMLPerContextManagerServlet. The difference between mine is best
illustrated by an example URL:
http://localhost/pc-manager/myServletName?command=reload
-- instead of --
http://localhost/manager/reload?path=/myServletName
This allows me to use the standard Realm setup to protect each path.
Unfortunately I need to have one line in the pc-manager servlet's web.xml
file for each context. In the near future, I will have access to an LDAP
store with the user/group information, and I will be using that to
authenticate users, so I would rather customize the authenticator to take
advantage of our setup. Basically the accessControl() method looks at some
store of group->appPath mappings, and if the app being managed
(myServletName in the example above) is in the list for the user attempting
a login, it returns true just as if the group in web.xml had been matched.
This lets me keep the authorized list out of the web.xml file.
I apologize for the length of the post. Any help letting me know how to
specify a custom class to use instead of
Thanks,
Tim
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: Custom org.apache.catalina.authenticator
Posted by Tim McLaughlin <ti...@macwebb.com>.
On Monday, July 29, 2002, at 05:51 , Craig R. McClanahan wrote:
> On Mon, 29 Jul 2002, Tim McLaughlin wrote:
>
>> The Question:
>> How do I specify a class other than
>> org.catalina.authenticator.BasicAuthenticator to handle Basic
>> authentication?
>
> There is a properties file in the org.apache.catalina.authenticator
> package that defines the mapping of authentication method to classname.
> You would need to customize this file in
> $CATALINA_HOME/server/lib/catalina.jar.
>
> Or, an easier approach would be to copy your customized version of this
> file into the
> $CATALINA_HOME/server/classes/org/apache/catalina/authenticator
> directory
> (which you'd have to create). This works because the Catalina class
> loaders load from the "classes" directory before they load from
> JAR files
> in the corresponding "lib" directory -- this works both for the server
> class loader (server/classes before server/lib), the common class
> loader
> (common/classes before common/lib) and the webapp class loader
> (WEB-INF/classes before WEB-INF/lib).
The only properties file I found in
src/share/org/apache/catalina/authenticator directory was for the
LocalStrings translations. However, the package.html file
mentioned the
src/share/org/apache/catalina/startup/Authenticators.properties
file.
I have created a copy in $CATALINA_HOME/server/webapps/pc-
manager/WEB-
INF/classes/org/apache/catalina/startup/Authenticator.properties
and specified my custom class, PerContextBasicAuthenticator for
BASIC.
I then restarted tomcat, but the log shows that it is not using my
class (debug=3), instead using the default class. So I moved the
new file to
$CATALINA_HOME/server/classes/org/apache/catalina/startup/Authenticator.properties
and then it works.
When I specify a class to handle BASIC authentication, do I have to
do it server-wide, or can I do it on a per-context basis?
Thanks,
Tim
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: Custom org.apache.catalina.authenticator
Posted by "Craig R. McClanahan" <cr...@apache.org>.
On Mon, 29 Jul 2002, Tim McLaughlin wrote:
> Date: Mon, 29 Jul 2002 16:00:17 -0700
> From: Tim McLaughlin <ti...@macwebb.com>
> Reply-To: Tomcat Users List <to...@jakarta.apache.org>
> To: tomcat-user@jakarta.apache.org
> Subject: Custom org.apache.catalina.authenticator
>
> Hello,
>
> The Question:
> How do I specify a class other than
> org.catalina.authenticator.BasicAuthenticator to handle Basic
> authentication?
>
There is a properties file in the org.apache.catalina.authenticator
package that defines the mapping of authentication method to classname.
You would need to customize this file in
$CATALINA_HOME/server/lib/catalina.jar.
Or, an easier approach would be to copy your customized version of this
file into the
$CATALINA_HOME/server/classes/org/apache/catalina/authenticator directory
(which you'd have to create). This works because the Catalina class
loaders load from the "classes" directory before they load from JAR files
in the corresponding "lib" directory -- this works both for the server
class loader (server/classes before server/lib), the common class loader
(common/classes before common/lib) and the webapp class loader
(WEB-INF/classes before WEB-INF/lib).
Craig
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>