On Wed, 2003-10-15 at 03:25, Matthew Hixson wrote:
> Thanks, Scott. That would be great if I wanted to integrate with
> JBoss' security infrastructure, but I don't need that right now. What
> I need is the simplest possible solution to give me HTTP basic auth
> with embedded Tomcat, and nothing else. What should one do where that
> is the only requirement?
The relevent line of code is in
org.jboss.web.tomcat.tc4.EmbeddedTomcatService
/* We need to go through the context valves and set the cache
flag
on any AuthenticatorBase to false or else the
JBossSecurityMgrRealm
is not asked to authenticate every request. This can result in
an authenticated user thread not receiving its authenticated
Subject and this results in an authorization failure.
*/
StandardContext stdctx = (StandardContext) context;
Valve[] valves = stdctx.getValves();
for (int v = 0; v < valves.length; v++)
{
Valve valve = valves[v];
if (valve instanceof AuthenticatorBase)
{
AuthenticatorBase auth = (AuthenticatorBase) valve;
auth.setCache(false); // !!!!! HERE !!!!
}
}
Perhaps this can added as an attribute to jboss-web.xml
for web applications that don't go outside the web container?
A more complete solution probably requires changes to
Tomcat's AuthenticatorBase to allow the Subject cached in the
session to be re-established on the thread for use outside Tomcat.
I remember looking at this before. One of the difficulties is
that the autenticator is always last, so you cannot add your
own valve afterwards to change the behaviour.
Regards,
Adrian
> Thanks,
> -M@
>
> On Wednesday, October 8, 2003, at 04:35 PM, Scott M Stark wrote:
>
> > See the org.jboss.security.auth.spi.UsersRolesLoginModule described in
> > the
> > JAAS howto available from the sourceforge docs section:
> > http://sourceforge.net/docman/
> > display_doc.php?docid=18240&group_id=22866
> >
> > xxxxxxxxxxxxxxxxxxxxxxxx
> > Scott Stark
> > Chief Technology Officer
> > JBoss Group, LLC
> > xxxxxxxxxxxxxxxxxxxxxxxx
> >
> > Matthew Hixson wrote:
> >> I was just wondering if there is any plan to make HTTP basic auth
> >> work with Tomcat embedded in JBoss using the MemoryRealm.
> >> http://jakarta.apache.org/tomcat/tomcat-4.1-doc/realm-
> >> howto.html#MemoryRealm
> >> The last I heard was that Realm didn't work when running Tomcat
> >> ebedded in Tomcat.
> >> Is there any other way to get a simple basic auth working from a text
> >> configuration file?
> >> Thanks,
> >> -M@
> >
> >
> >
> > -------------------------------------------------------
> > This SF.net email is sponsored by: SF.net Giveback Program.
> > SourceForge.net hosts over 70,000 Open Source Projects.
> > See the people who have HELPED US provide better services:
> > Click here: http://sourceforge.net/supporters.php
> > _______________________________________________
> > JBoss-user mailing list
> > [EMAIL PROTECTED]
> > https://lists.sourceforge.net/lists/listinfo/jboss-user
> >
>
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: SF.net Giveback Program.
> SourceForge.net hosts over 70,000 Open Source Projects.
> See the people who have HELPED US provide better services:
> Click here: http://sourceforge.net/supporters.php
> _______________________________________________
> JBoss-user mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/jboss-user
--
xxxxxxxxxxxxxxxxxxxxxxxx
Adrian Brock
Director of Support
Back Office
JBoss Group, LLC
xxxxxxxxxxxxxxxxxxxxxxxx
-------------------------------------------------------
This SF.net email is sponsored by: SF.net Giveback Program.
SourceForge.net hosts over 70,000 Open Source Projects.
See the people who have HELPED US provide better services:
Click here: http://sourceforge.net/supporters.php
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
