You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Bill Barker <wb...@wilshire.com> on 2005/12/22 05:15:30 UTC

Re: Seamless Container Authentication

Assuming that your Realm is really an o.a.c.Realm, then all you need is to 
write an Authenticator to work with your Realm.  Something like:
   public class MyAuthenticator extends 
org.apache.catalina.authenticator.AuthenticatorBase {
      public boolean authenticate(Request request, Response response 
LoginConfig config)
         throws IOException {
            MyRealm realm = (MyRealm)context.getRealm();
            Principal principal = realm.authenticate(request);
            if(principal == null) {
                 response.sendError(401, "Not Authorized");
                 return false;
           }
           return true;
   }
}

Package it in a jar in server/lib, and then in your context.xml do something 
like:
    <Context>
          <Valve className="com.myfirm.mypackage.MyAuthenticator" />
          <Realm className="com.myfirm.mypackage.MyRealm" />
    </Context>

"Kenny, Robert" <rk...@firstam.com> wrote in message 
news:F228888A68EAAA49A3E92AFC674BDA8002C52A@FDSVAST06SXCH01.flooddata.net...
Our users don't currently logon to our Tomcat servers directly; they are
redirected to the Tomcat servers with their encrypted credentials (a
security token). Our Tomcat Database Realm then seamlessly
re-authenticates the user on the Tomcat server.



We currently don't use Tomcat's container management for this but would
like to but we need a way to logon to a Tomcat server instance
seamlessly using the security credentials provided on the URL. We
currently call servlets that then call the Database Realm directly.



Is there a way to configure Tomcat so that when a protected resource is
accessed it will attempt to authenticate the user to the container from
the remote/custom Security Credentials in the URL before prompting the
user for their Security Credentials ('j_security_check' logon page)?



Thanks,

Robert





---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org