I asked:
> > More specifically, I want to be able to define security constraints using
> > the url-pattern matching techniques in the web.xml portion of my .war (which
> > is a portion of my .ear) but use an external application (or servlet or
> > whatever) to assign users to groups. This would allow great flexibility
> > when it comes to defining which directories, files, servlets, etc are
> > protected from which groups, users, and such. My authentication mechanism
> > performs authentication against our network servers and assigns individuals
> > to groups based on criteria which has been defined by management
Craig responded:
> The mechanisms by which you do this will be specific to each container,
> because there's no standard API. For example, in Tomcat 3.1 you have to
> extend an existing class (that does the authentication checks) to interact
> with your underlying source of authentication information instead of its
> default one.
And now I ask:
So, in this case, would I still define the HTTP authentication type as being
"FORM" in the web.xml? I am a bit unclear on this. My thoughts are that my
module would actually replace the method which authenticates based off
information in the principals.xml or would this method work in conjunction
with principals.xml (so that if I use FORM authentication it uses my custom
module but BASIC would refer to principals.xml)? Is this correct? I am more
interested in replacing the use of principals.xml simply because of the
volume of accounts I am dealing with. Would / could this be application
scope (instead of server scope)?
I am a bit confused but think I get the general idea. We actually are
currently using Orion and Resin (mostly just for testing my applications
across other servers) and if I understand how this works on Tomcat, I can
begin discussing the feasibility of doing this sort of operation on Orion
and / or Resin.
Is there any documentation on doing this sort of thing? Has anyone done it
that you are aware of?
-jeff
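
For reference, the declarative half of the setup discussed in this message, as an added example that is not part of the original post: a Servlet 2.2 web.xml fragment that protects two URL patterns by role and selects FORM login. The role names, URL patterns and page paths are made up for illustration; the file only names roles, and which users hold them is left to the container's authentication back end.

```xml
<web-app>
  <!-- Constructed example: everything under /reports/ requires the
       "managers" role (hypothetical role name). -->
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Management reports</web-resource-name>
      <url-pattern>/reports/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>managers</role-name>
    </auth-constraint>
  </security-constraint>

  <!-- Constructed example: one servlet mapping open to two roles.
       With no http-method listed, the constraint covers all methods. -->
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Timesheet servlet</web-resource-name>
      <url-pattern>/servlet/timesheet</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>managers</role-name>
      <role-name>staff</role-name>
    </auth-constraint>
  </security-constraint>

  <!-- FORM login: the login page must POST the fields j_username and
       j_password to the action j_security_check. The container then
       checks the credentials against whatever store it is configured
       to use. Page paths here are hypothetical. -->
  <login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
      <form-login-page>/login.jsp</form-login-page>
      <form-error-page>/login-failed.jsp</form-error-page>
    </form-login-config>
  </login-config>

  <!-- Every role referenced in an auth-constraint is declared here. -->
  <security-role>
    <role-name>managers</role-name>
  </security-role>
  <security-role>
    <role-name>staff</role-name>
  </security-role>
</web-app>
```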