You could probably implement your own authenticator, possibly just subclassing the JdbcAuthenticator (see below), then use that authenticator in resin-web.xml. I myself wrote a "patch" for a Tomcat only webapp, that contains this plus dummy implementations of Tomcat classes/interfaces like org.apache.catalina.Container, Engine, Host, Realm, Server.
Maybe this code suites your needs too: public class MyJdbcAuthenticator extends JdbcAuthenticator { public MyJdbcAuthenticator() { super.setPasswordDigestRealm(null); } public String getPasswordDigest(HttpServletRequest request, HttpServletResponse response, ServletContext app, String user, String password) throws ServletException { return super.getPasswordDigest(request, response, app, null, password); } public String getPasswordDigest(String password) throws ServletException { return super.getPasswordDigest(null, null, null, null, password); } } /Mattias Daniel Lopez wrote: > Hi all, > > Long story short: I started consulting in a company that is developing > a product using Tomcat. They want to be able to run the application in > different containers to make sure they are spec compliant and all, so > I suggested Resin as an alternative. > > I've been able to configure the datasources, massage the web.xml to be > more compliant etc. but now I came across a problem I'm not sure how > easy it is to solve: the authenticator. > > Both containers have an implementation of a typical jdbc > authenticator... but for a tiny detail: Resin uses > username+realm+password for the digest and Tomcat uses just the > password, hence the digests do not match and all password are > considered wrong in one of the containers. > > The passwords in use are already stored like that and changing them > would not really solve the problem but move it to the Tomcat side. > > I don't use container based authentication in my own applications for > this very reason, but they are using it and I thought that might not > be an uncommon problem so... is there any way to configure > com.caucho.server.security.JdbcAuthenticator to use just the password > for the digests? > > Cheers! > D. _______________________________________________ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest