I reviewed Sohil's post and did review the Tomcat Authenticator and I can now see what the hurdles are in regard to circumventing the Tomcat Valve.
Portal extends the JBoss security which extends the Tomcat security scheme although I think it is still possible to setup a portlet with just portal authorization would get pretty ugly. So rewriting the Tomcat Authenticator and applying as a custom servlet would be the easier route. Not sure what that will be but if anyone has done this I and Indy would appreciate it if you would share some code. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4075563#4075563 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4075563 _______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
