On 10/06/2015 16:43, Arjan Tijms wrote: > Hi, > > On Wed, Jun 10, 2015 at 3:28 PM, markt [via Tomcat] < > ml-node+s10n5035887...@n6.nabble.com> wrote: > >> I don't really understand what the requirement is here. Can you expand / >> point me to the part of the spec? >> > > It's simply that from within a SAM you can forward/include to a Servlet > using a dispatcher, such that the output of that Servlet is inserted in the > response.
Thanks for the clarification. You can do that easily from a Valve in a couple of lines of code. No need for extra internal plumbing that I can see. Mark > > It's in section 3.8.3.4 of the JASPIC spec: > > > "3.8.3.4 > Forwards and Includes by Server Authentication Modules > > The message processing runtime must support the acquisition and use of > RequestDispatcher objects by authentication modules within their processing > of validateRequest. > > Under the constraints defined by RequestDispatcher, authentication modules > must be able to forward and include using the request and response objects > passed in MessageInfo. In particular, an authentication module must be able > to acquire a RequestDispatcher from the request obtained from MessageInfo, > and uses it to forward the request (and response) to a login form. > Authentication modules should catch and rethrow as an AuthException any > exception thrown by these methods." > > > A test/example showing this in practice is the following: > > https://github.com/javaee-samples/javaee7-samples/tree/master/jaspic/dispatching > > Specifically, this code shows both an include and a forward done by a SAM: > > public AuthStatus validateRequest(MessageInfo messageInfo, Subject > clientSubject, Subject serviceSubject) throws AuthException { > try { > HttpServletRequest request = (HttpServletRequest) > messageInfo.getRequestMessage(); > HttpServletResponse response = (HttpServletResponse) > messageInfo.getResponseMessage(); > > if ("include".equals(request.getParameter("dispatch"))) { > request.getRequestDispatcher("/includedServlet") > .include(request, response); > > // "Do nothing", required protocol when returning SUCCESS > handler.handle(new Callback[] { new > CallerPrincipalCallback(clientSubject, (Principal) null) }); > > // When using includes, the response stays open and the main > // resource can also write to the response > return SUCCESS; > > } else { > request.getRequestDispatcher("/forwardedServlet") > .forward(request, response); > > // MUST NOT invoke the resource, so CAN NOT return SUCCESS > here. > return SEND_CONTINUE; > } > > } catch (IOException | ServletException | > UnsupportedCallbackException e) { > throw (AuthException) new AuthException().initCause(e); > } > } > > > Sounds good. Thanks for the tip. >> > > You're welcome ;) > > Kind regards, > Arjan Tijms > > > > >> >> Cheers, >> >> mark >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [hidden email] >> <http:///user/SendEmail.jtp?type=node&node=5035887&i=0> >> For additional commands, e-mail: [hidden email] >> <http:///user/SendEmail.jtp?type=node&node=5035887&i=1> >> >> >> >> ------------------------------ >> If you reply to this email, your message will be added to the discussion >> below: >> >> http://tomcat.10.x6.nabble.com/Consider-support-for-the-Servlet-profile-of-JSR-196-JASPIC-in-Tomcat-7-0-x-tp4993387p5035887.html >> To unsubscribe from Consider support for the Servlet profile of JSR 196 >> (JASPIC) in Tomcat 7.0.x, click here >> <http://tomcat.10.x6.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=4993387&code=YXJqYW4udGlqbXNAZ21haWwuY29tfDQ5OTMzODd8LTM3MzU5NTg0OA==> >> . >> NAML >> <http://tomcat.10.x6.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml> >> > > > > > -- > View this message in context: > http://tomcat.10.x6.nabble.com/Consider-support-for-the-Servlet-profile-of-JSR-196-JASPIC-in-Tomcat-7-0-x-tp4993387p5035891.html > Sent from the Tomcat - Dev mailing list archive at Nabble.com. > --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
