I agree with Tim that custom Authenticators can be 'icky'. Fortunately, in Tomcat 5 there is almost no need for one. However, in Tomcat 4, there is still a valid use case for them.
You can avoid messing with Authenticators.properties by explicitly configuring your Authenticator like: <Context path="/myapp" docBase="myapp"> <Valve className="com.myfirm.mypackage.MyAuthenticator" ... /> </Context> To check that your Authenticator has been called, the easiest is to simply add some debugging logging statements. It probably is being called from your description. Of course, these are all generic comments, since you haven't provided enough info to attempt to guess what is wrong (other than the Authenticator isn't setting the Principal :). "Lawence" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Dear all, > > I wrote my own authenticator (extends FormAuthenticator) & realm (extends JDBCRealm). What I need is to check one more field in the database besides password for authentication. Only minor modifications are made on the original codes so I think it should be fine. What I also did include changing the org/apache/catalina/startup/Authenticators.properties > file to add the new authenticator; modifying the server.xml and web.xml accordingly. Furthermore, I added the entries for my authenticator and realm in the mbeans-descriptor.xml file. > > I expected everything to work perfectly but when I tried to access the secured area, I got the following error: > HTTP Status 500 - Configuration error: Cannot perform access control without an authenticated principal > --------------------------------- > > type Status report > > message Configuration error: Cannot perform access control without an authenticated principal > > description The server encountered an internal error (Configuration error: Cannot perform access control without an authenticated principal) that prevented it from fulfilling this request. > > This error was triggered instantly. I mean I even did not have a chance to see the login webpage. Now I have several questions: > > What is the flow of the authentication? Was my authenticator got executed at all? > > Any suggestions would be greatly appreciated. > > > > --------------------------------- > Do you Yahoo!? > The New Yahoo! Shopping - with improved product search --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]