From several emails on the list and my own issues, it appears that server.xml is not utilized when running JBoss and Catalina together. EmbeddedCatalinaServiceSX constructs the minimum hierarchy of objects Catalina requires and then provides createWebContext() to performDeploy() on a .war via the JBoss hot-deploy feature. Now if I wanted to utilize some of the other valves Catalina provides and/or create my own, would I have to modify EmbeddedCatalinaServiceSX, thus creating my own version, and its corresponding MBean interface? Is this what I am supposed to do?
In particular, I want to use the SingleSignOn valve, the FormAuthenticator valve, and the AccessLogValve valve. Scott Stark had laid out the security framework in his JavaWorld article. JBossSecurityMgrRealm provides the integration with Catalina. It is the Catalina realm of which a userId/password or credentials would be requested. However, unless I am missing something, the servlet component for popping up a web page to acquire a userId/password and determining if the session needs to be authenticated is not addressed. So it seem that these would be good components to reuse, no? Are these valve's functions provided in another way by the JBoss security framework? If this would be a common enough need, I can attempt to design something that would support both the JBoss security architecture, and adding Catalina valve components via the MBean interface. Thank you for the advice. _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
