Have you ever got a fun project for you ;-). The first thing you must do is to make certain that your Realm implements org.apache.catalina.Realm (when I did this, it was a big enough change that I put the 4.x classes in a new package so that I could still see the 3.x versions). Personally, I have a total phobia against depending on anything below o.a.c, but most people implement this by extending o.a.c.realm.RealmBase. At this point you have to minimally implement 'getName' (your Realm's identifier), 'getPassword' (fetch password, given user), and 'getPrincipal(String)' (used only for CLIENT-CERT auth, so if you don't want to support CLIENT-CERT, return null). Of course, the only point of doing a custom Realm is that you want to override other stuff ;-).
If your Realm requires access to the Request, then I'd suggest holding off until you can use 5.x. It is sometimes possible to split a 3.x Realm into a Valve+Realm (what I managed to do), but after my pain, I won't recommend it ;-). "Shailesh Modi" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Hi, > I am migrating my web application to 4.1.27 from tomcat 3 . > > > In tomcat 3 , I had following code for authentication in server.xml. > > <RequestInterceptor className="com.remind.securetomcat.SecRealm" debug="0" > initCtx="com.sun.jndi.ldap.LdapCtxFactory" > ldapHost="ldap://ldap.mycompany.com:389"; > baseDn="ou=active,ou=employees,ou=people,o=mycompany.com" > maxDnAge="300" > maxPwAge="6000" > maxFilterAge="6000" > /> > > where as 'com.remind.securetomcat.SecRealm' is my class to authenticate user > by my company's ldap. > com.remind.securetomcat.SecRealm class extends tomcat's > org.apache.tomcat.core.BaseInterceptor' , which is not present in tomcat > 4.1.27 . > > What changes are required to make authentication work in server.xml in > tomcat 4.1.27 configuration > to make this work? > > > Thanks and Regards > Shailesh --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
