"Andrei Tchijov" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Bill, > Tomcat will use my authenticator regardless of "login-config/auth- > method" setting? If it is the case, how my Authenticator can figure- out > what auth-method was configured (normally my authentication method will > be used in-addition to what ever standard method has been used)? > Thanks, >
Yes, if you explicitly configure an Authenticator, Tomcat assumes that you know what you are doing. You can query the LoginConfig from the Context to get the method. Your Authenticator is responsible for whatever should be configured on the Response in the event that authentication fails. But from what you say, you may just want a plain Valve instead. If your Valve sets the Principal on the Request, all of Tomcat's Authenticators will assume that the user is logged in, and accept the request (assuming that the roles match). > Andrei > > On Jun 7, 2007, at 9:51 PM, Bill Barker wrote: > >> >> "Andrei Tchijov" <[EMAIL PROTECTED]> wrote in message >> news:[EMAIL PROTECTED] >>> I understand. My problem it twofold. In order to make an >>> authentication >>> decision ... >>> - I need to have an access to some information from HTTP Request, >>> - I need to be able build HTTP Response (basically, I need to be able >>> to >>> issue challenge in response to authentication request). >>> As I stated in my original post, I think that right place to put this >>> kind of functionality is authenticator. My original question was, if >>> it >>> is possible to register new Authenticator without re-compiling Tomcat. >>> >>> >> >> Yes, it is possible. You just create your own Authenticator class >> (probably >> extending Tomcat's AuthenticatorBase and implementing the authenticate >> method). Then you do: >> <Context ......> >> <Valve className="com.myfirm.mypackage.MyAuthenticator" .... /> >> .... >> </Context> >> This will cause Tomcat to use your Authenticator instead of one of it's >> own. >> >>> On Jun 7, 2007, at 5:06 PM, Caldarale, Charles R wrote: >>> >>>>> From: Andrei Tchijov [mailto:[EMAIL PROTECTED] >>>>> Subject: Re: Is it possible to introduce new authentication >>>>> method without modifying tomcat? >>>>> >>>>> I was just commenting that I can not see how JAASRealm >>>>> (or any Realm for that matter) can help me >>>> >>>> Specifying JAASRealm as the <Realm> gives you the opportunity to >>>> implement your own LoginModule. Such a LoginModule can utilize any >>>> number of authentication mechanisms - all under your control. >>>> >>>> - Chuck >>>> >>>> >>>> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE >>>> PROPRIETARY >>>> MATERIAL and is thus for use only by the intended recipient. If you >>>> received this in error, please contact the sender and delete the e- >>>> mail >>>> and its attachments from all computers. >>>> >>>> -------------------------------------------------------------------- >>>> - >>>> To start a new topic, e-mail: users@tomcat.apache.org >>>> To unsubscribe, e-mail: [EMAIL PROTECTED] >>>> For additional commands, e-mail: [EMAIL PROTECTED] >>>> >>> >>> >>> --------------------------------------------------------------------- >>> To start a new topic, e-mail: users@tomcat.apache.org >>> To unsubscribe, e-mail: [EMAIL PROTECTED] >>> For additional commands, e-mail: [EMAIL PROTECTED] >>> >>> >> >> >> >> >> --------------------------------------------------------------------- >> To start a new topic, e-mail: users@tomcat.apache.org >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> > > > --------------------------------------------------------------------- > To start a new topic, e-mail: users@tomcat.apache.org > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]