You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Bill Barker <wb...@wilshire.com> on 2006/02/25 22:15:19 UTC
Re: Adding a Customized authenticator
"Alex Jalali" <al...@ubudesign.com> wrote in message
news:000001c63a4e$874c6a30$79e0af45@ubudesign...
> Hello,
>
> I would like to extend the DigestAuthenticator class or BaseAuthenticator
> and use that instead of the tomcat default. I have done that but I don't
> know how to have it referenced in web.xml under security-constraint. Or
> maybe in server.xml similar to the way you can create a customized Ream
> and
> have it referenced in the server.xml as your custom realm.
>
> Is there a <class-name> element I can add perhaps under
> security-constraint
> element?
> I like to add something like this to let tomcat know that it should use
> this
> for authentication instead..
>
> ???
> <authenticator>
> <class-name>com.xxx.MyAuthenticator</class-name>
> </authenticator>
> ???
>
The syntax is:
<Context ... >
<Valve className="com.xxx.MyAuthenticator" ... />
</Context>
Any other attributes you specify on the <Valve /> element will be passed
JavaBean-style to MyAuthenticator.
>
> I have this in my web.xml.
>
>
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>MyFooRealm</web-resource-name>
> <description>xxx</description>
> <url-pattern>/*</url-pattern>
> <http-method>GET</http-method>
> <http-method>OPTIONS</http-method>
> <http-method>POST</http-method>
> <http-method>PUT</http-method>
> <http-method>HEAD</http-method>
> <http-method>PROPFIND</http-method>
> <http-method>PROPPATCH</http-method>
> <http-method>MKCOL</http-method>
> <http-method>COPY</http-method>
> <http-method>MOVE</http-method>
> <http-method>DELETE</http-method>
> <http-method>LOCK</http-method>
> <http-method>UNLOCK</http-method>
> </web-resource-collection>
> <auth-constraint>
> <description>xxx</description>
> <role-name>xxx</role-name>
> </auth-constraint>
> <user-data-constraint>
> <transport-guarantee>NONE</transport-guarantee>
> </user-data-constraint>
> </security-constraint>
> <login-config>
> <auth-method>DIGEST</auth-method>
> <realm-name>Server Realm</realm-name>
> </login-config>
>
> <security-role>
> <description>Authorized Users Group</description>
> <role-name>xxx</role-name>
> </security-role>
>
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Adding a Customized authenticator
Posted by Bill Barker <wb...@wilshire.com>.
"Alex Jalali" <al...@ubudesign.com> wrote in message
news:003501c63a53$c895b9b0$79e0af45@ubudesign...
> So where would this go? under </security-constraint> ?? can you be more
> specific.
>
>
>
Wherever you configure your <Context> ;-). Usually
conf/Catalina/[host]/mycontext.xml, or META-INF/context.xml.
See http://tomcat.apache.org/tomcat-5.5-doc/config/context.html for more
details.
>
>
> -----Original Message-----
> From: news [mailto:news@sea.gmane.org] On Behalf Of Bill Barker
> Sent: Saturday, February 25, 2006 1:15 PM
> To: users@tomcat.apache.org
> Subject: Re: Adding a Customized authenticator
>
>
> "Alex Jalali" <al...@ubudesign.com> wrote in message
> news:000001c63a4e$874c6a30$79e0af45@ubudesign...
>> Hello,
>>
>> I would like to extend the DigestAuthenticator class or
>> BaseAuthenticator and use that instead of the tomcat default. I have
>> done that but I don't know how to have it referenced in web.xml under
>> security-constraint. Or maybe in server.xml similar to the way you can
>> create a customized Ream and have it referenced in the server.xml as
>> your custom realm.
>>
>> Is there a <class-name> element I can add perhaps under
>> security-constraint element?
>> I like to add something like this to let tomcat know that it should
>> use this for authentication instead..
>>
>> ???
>> <authenticator>
>> <class-name>com.xxx.MyAuthenticator</class-name>
>> </authenticator>
>> ???
>>
>
> The syntax is:
> <Context ... >
> <Valve className="com.xxx.MyAuthenticator" ... /> </Context> Any other
> attributes you specify on the <Valve /> element will be passed
> JavaBean-style to MyAuthenticator.
>
>>
>> I have this in my web.xml.
>>
>>
>> <security-constraint>
>> <web-resource-collection>
>> <web-resource-name>MyFooRealm</web-resource-name>
>> <description>xxx</description>
>> <url-pattern>/*</url-pattern>
>> <http-method>GET</http-method>
>> <http-method>OPTIONS</http-method>
>> <http-method>POST</http-method>
>> <http-method>PUT</http-method>
>> <http-method>HEAD</http-method>
>> <http-method>PROPFIND</http-method>
>> <http-method>PROPPATCH</http-method>
>> <http-method>MKCOL</http-method>
>> <http-method>COPY</http-method>
>> <http-method>MOVE</http-method>
>> <http-method>DELETE</http-method>
>> <http-method>LOCK</http-method>
>> <http-method>UNLOCK</http-method>
>> </web-resource-collection>
>> <auth-constraint>
>> <description>xxx</description>
>> <role-name>xxx</role-name>
>> </auth-constraint>
>> <user-data-constraint>
>> <transport-guarantee>NONE</transport-guarantee>
>> </user-data-constraint>
>> </security-constraint>
>> <login-config>
>> <auth-method>DIGEST</auth-method>
>> <realm-name>Server Realm</realm-name>
>> </login-config>
>>
>> <security-role>
>> <description>Authorized Users Group</description>
>> <role-name>xxx</role-name>
>> </security-role>
>>
>>
>>
>>
>>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Adding a Customized authenticator
Posted by Alex Jalali <al...@ubudesign.com>.
So where would this go? under </security-constraint> ?? can you be more
specific.
-----Original Message-----
From: news [mailto:news@sea.gmane.org] On Behalf Of Bill Barker
Sent: Saturday, February 25, 2006 1:15 PM
To: users@tomcat.apache.org
Subject: Re: Adding a Customized authenticator
"Alex Jalali" <al...@ubudesign.com> wrote in message
news:000001c63a4e$874c6a30$79e0af45@ubudesign...
> Hello,
>
> I would like to extend the DigestAuthenticator class or
> BaseAuthenticator and use that instead of the tomcat default. I have
> done that but I don't know how to have it referenced in web.xml under
> security-constraint. Or maybe in server.xml similar to the way you can
> create a customized Ream and have it referenced in the server.xml as
> your custom realm.
>
> Is there a <class-name> element I can add perhaps under
> security-constraint element?
> I like to add something like this to let tomcat know that it should
> use this for authentication instead..
>
> ???
> <authenticator>
> <class-name>com.xxx.MyAuthenticator</class-name>
> </authenticator>
> ???
>
The syntax is:
<Context ... >
<Valve className="com.xxx.MyAuthenticator" ... /> </Context> Any other
attributes you specify on the <Valve /> element will be passed
JavaBean-style to MyAuthenticator.
>
> I have this in my web.xml.
>
>
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>MyFooRealm</web-resource-name>
> <description>xxx</description>
> <url-pattern>/*</url-pattern>
> <http-method>GET</http-method>
> <http-method>OPTIONS</http-method>
> <http-method>POST</http-method>
> <http-method>PUT</http-method>
> <http-method>HEAD</http-method>
> <http-method>PROPFIND</http-method>
> <http-method>PROPPATCH</http-method>
> <http-method>MKCOL</http-method>
> <http-method>COPY</http-method>
> <http-method>MOVE</http-method>
> <http-method>DELETE</http-method>
> <http-method>LOCK</http-method>
> <http-method>UNLOCK</http-method>
> </web-resource-collection>
> <auth-constraint>
> <description>xxx</description>
> <role-name>xxx</role-name>
> </auth-constraint>
> <user-data-constraint>
> <transport-guarantee>NONE</transport-guarantee>
> </user-data-constraint>
> </security-constraint>
> <login-config>
> <auth-method>DIGEST</auth-method>
> <realm-name>Server Realm</realm-name>
> </login-config>
>
> <security-role>
> <description>Authorized Users Group</description>
> <role-name>xxx</role-name>
> </security-role>
>
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org