You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Bill Barker <wb...@wilshire.com> on 2006/02/25 22:15:19 UTC

Re: Adding a Customized authenticator

"Alex Jalali" <al...@ubudesign.com> wrote in message 
news:000001c63a4e$874c6a30$79e0af45@ubudesign...
> Hello,
>
> I would like to extend the DigestAuthenticator class or BaseAuthenticator
> and use that instead of the tomcat default. I have done that but I don't
> know how to have it referenced in web.xml under security-constraint. Or
> maybe in server.xml similar to the way you can create a customized Ream 
> and
> have it referenced in the server.xml as your custom realm.
>
> Is there a <class-name> element I can add perhaps under 
> security-constraint
> element?
> I like to add something like this to let tomcat know that it should use 
> this
> for authentication instead..
>
> ???
> <authenticator>
> <class-name>com.xxx.MyAuthenticator</class-name>
> </authenticator>
> ???
>

The syntax is:
<Context ... >
  <Valve className="com.xxx.MyAuthenticator" ... />
 </Context>
Any other attributes you specify on the <Valve /> element will be passed 
JavaBean-style to MyAuthenticator.

>
> I have this in my web.xml.
>
>
> <security-constraint>
>    <web-resource-collection>
>      <web-resource-name>MyFooRealm</web-resource-name>
>      <description>xxx</description>
>      <url-pattern>/*</url-pattern>
>     <http-method>GET</http-method>
>     <http-method>OPTIONS</http-method>
> <http-method>POST</http-method>
> <http-method>PUT</http-method>
> <http-method>HEAD</http-method>
> <http-method>PROPFIND</http-method>
> <http-method>PROPPATCH</http-method>
> <http-method>MKCOL</http-method>
> <http-method>COPY</http-method>
> <http-method>MOVE</http-method>
> <http-method>DELETE</http-method>
> <http-method>LOCK</http-method>
> <http-method>UNLOCK</http-method>
>    </web-resource-collection>
>    <auth-constraint>
>      <description>xxx</description>
>      <role-name>xxx</role-name>
>    </auth-constraint>
>    <user-data-constraint>
>      <transport-guarantee>NONE</transport-guarantee>
>    </user-data-constraint>
>  </security-constraint>
>  <login-config>
>    <auth-method>DIGEST</auth-method>
> <realm-name>Server Realm</realm-name>
>  </login-config>
>
>  <security-role>
>    <description>Authorized  Users Group</description>
>    <role-name>xxx</role-name>
>  </security-role>
>
>
>
>
> 




---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Re: Adding a Customized authenticator

Posted by Bill Barker <wb...@wilshire.com>.

"Alex Jalali" <al...@ubudesign.com> wrote in message 
news:003501c63a53$c895b9b0$79e0af45@ubudesign...
> So where would this go? under </security-constraint> ?? can you be more
> specific.
>
>
>

Wherever you configure your <Context> ;-).  Usually 
conf/Catalina/[host]/mycontext.xml, or META-INF/context.xml.

See http://tomcat.apache.org/tomcat-5.5-doc/config/context.html for more 
details.

>
>
> -----Original Message-----
> From: news [mailto:news@sea.gmane.org] On Behalf Of Bill Barker
> Sent: Saturday, February 25, 2006 1:15 PM
> To: users@tomcat.apache.org
> Subject: Re: Adding a Customized authenticator
>
>
> "Alex Jalali" <al...@ubudesign.com> wrote in message
> news:000001c63a4e$874c6a30$79e0af45@ubudesign...
>> Hello,
>>
>> I would like to extend the DigestAuthenticator class or
>> BaseAuthenticator and use that instead of the tomcat default. I have
>> done that but I don't know how to have it referenced in web.xml under
>> security-constraint. Or maybe in server.xml similar to the way you can
>> create a customized Ream and have it referenced in the server.xml as
>> your custom realm.
>>
>> Is there a <class-name> element I can add perhaps under
>> security-constraint element?
>> I like to add something like this to let tomcat know that it should
>> use this for authentication instead..
>>
>> ???
>> <authenticator>
>> <class-name>com.xxx.MyAuthenticator</class-name>
>> </authenticator>
>> ???
>>
>
> The syntax is:
> <Context ... >
>  <Valve className="com.xxx.MyAuthenticator" ... />  </Context> Any other
> attributes you specify on the <Valve /> element will be passed
> JavaBean-style to MyAuthenticator.
>
>>
>> I have this in my web.xml.
>>
>>
>> <security-constraint>
>>    <web-resource-collection>
>>      <web-resource-name>MyFooRealm</web-resource-name>
>>      <description>xxx</description>
>>      <url-pattern>/*</url-pattern>
>>     <http-method>GET</http-method>
>>     <http-method>OPTIONS</http-method>
>> <http-method>POST</http-method>
>> <http-method>PUT</http-method>
>> <http-method>HEAD</http-method>
>> <http-method>PROPFIND</http-method>
>> <http-method>PROPPATCH</http-method>
>> <http-method>MKCOL</http-method>
>> <http-method>COPY</http-method>
>> <http-method>MOVE</http-method>
>> <http-method>DELETE</http-method>
>> <http-method>LOCK</http-method>
>> <http-method>UNLOCK</http-method>
>>    </web-resource-collection>
>>    <auth-constraint>
>>      <description>xxx</description>
>>      <role-name>xxx</role-name>
>>    </auth-constraint>
>>    <user-data-constraint>
>>      <transport-guarantee>NONE</transport-guarantee>
>>    </user-data-constraint>
>>  </security-constraint>
>>  <login-config>
>>    <auth-method>DIGEST</auth-method>
>> <realm-name>Server Realm</realm-name>
>>  </login-config>
>>
>>  <security-role>
>>    <description>Authorized  Users Group</description>
>>    <role-name>xxx</role-name>
>>  </security-role>
>>
>>
>>
>>
>>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org 




---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

RE: Adding a Customized authenticator

Posted by Alex Jalali <al...@ubudesign.com>.

So where would this go? under </security-constraint> ?? can you be more
specific.



 

-----Original Message-----
From: news [mailto:news@sea.gmane.org] On Behalf Of Bill Barker
Sent: Saturday, February 25, 2006 1:15 PM
To: users@tomcat.apache.org
Subject: Re: Adding a Customized authenticator


"Alex Jalali" <al...@ubudesign.com> wrote in message
news:000001c63a4e$874c6a30$79e0af45@ubudesign...
> Hello,
>
> I would like to extend the DigestAuthenticator class or 
> BaseAuthenticator and use that instead of the tomcat default. I have 
> done that but I don't know how to have it referenced in web.xml under 
> security-constraint. Or maybe in server.xml similar to the way you can 
> create a customized Ream and have it referenced in the server.xml as 
> your custom realm.
>
> Is there a <class-name> element I can add perhaps under 
> security-constraint element?
> I like to add something like this to let tomcat know that it should 
> use this for authentication instead..
>
> ???
> <authenticator>
> <class-name>com.xxx.MyAuthenticator</class-name>
> </authenticator>
> ???
>

The syntax is:
<Context ... >
  <Valve className="com.xxx.MyAuthenticator" ... />  </Context> Any other
attributes you specify on the <Valve /> element will be passed
JavaBean-style to MyAuthenticator.

>
> I have this in my web.xml.
>
>
> <security-constraint>
>    <web-resource-collection>
>      <web-resource-name>MyFooRealm</web-resource-name>
>      <description>xxx</description>
>      <url-pattern>/*</url-pattern>
>     <http-method>GET</http-method>
>     <http-method>OPTIONS</http-method>
> <http-method>POST</http-method>
> <http-method>PUT</http-method>
> <http-method>HEAD</http-method>
> <http-method>PROPFIND</http-method>
> <http-method>PROPPATCH</http-method>
> <http-method>MKCOL</http-method>
> <http-method>COPY</http-method>
> <http-method>MOVE</http-method>
> <http-method>DELETE</http-method>
> <http-method>LOCK</http-method>
> <http-method>UNLOCK</http-method>
>    </web-resource-collection>
>    <auth-constraint>
>      <description>xxx</description>
>      <role-name>xxx</role-name>
>    </auth-constraint>
>    <user-data-constraint>
>      <transport-guarantee>NONE</transport-guarantee>
>    </user-data-constraint>
>  </security-constraint>
>  <login-config>
>    <auth-method>DIGEST</auth-method>
> <realm-name>Server Realm</realm-name>
>  </login-config>
>
>  <security-role>
>    <description>Authorized  Users Group</description>
>    <role-name>xxx</role-name>
>  </security-role>
>
>
>
>
> 




---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org