Its handled by a custom java.net.Authenticator that integrates with the current
security context. There are testcases showing how to access a secured JNDI
invoker over http.
xxxxxxxxxxxxxxxxxxxxxxxx
Scott Stark
Chief Technology Officer
JBoss Group, LLC
xxxxxxxxxxxxxxxxxxxxxxxx
----- Original Message -----
From: "Dave Smith" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, February 03, 2003 8:33 AM
Subject: [JBoss-dev] Securing JNDI http invoker.
>
> I am using JBOSS 3.0.6 and am trying to secure the JNDI invoker via
> https. Looking at the code there seems to such way to do this. How do
> you get the current username and password from the current login
> context? It would be fairly trival to check the return value, if it is
> 401 then retry with the current login. So ..
>
> if(connn.getResponseCode() ==
> java.net.HttpURLConnection.HTTP_UNAUTHORIZED)
> {
>
> get login,pass from login context
>
> userPassword=userName+":"+passwd
>
> String encoding = new
> sun.misc.BASE64Encoder().encode(userPassword.getBytes());
> URLConnection uc = url.openConnection();
> uc.setRequestProperty ("Authorization", "Basic " + encoding);
> getInputStream blah,blah,blah ....
>
> }
>
>
>
>
>
> -------------------------------------------------------
> This SF.NET email is sponsored by:
> SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
> http://www.vasoftware.com
> _______________________________________________
> Jboss-development mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/jboss-development
>
-------------------------------------------------------
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com
_______________________________________________
Jboss-development mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-development
