Daniel Lopez wrote (2007-10-29 18:19):
> I'd like to confirm that this strategy works (with a tiny detail I will 
> explain) and I have now an application that is able to authenticate through 
> the container in Resin and Tomcat.
>
> The only detail I had to modify is that wherever it reads:
>
> return super.getPasswordDigest(...
>
> it should read
>
> return super.getPasswordDigest().getPasswordDigest(...
>
> The reason being that the class that really performs the encrypting is  
> not the authenticator itself but a utility class called PasswordDigest  
> that can be accessed through getPasswordDigest().
Just for the record: The
com.caucho.server.security.AbstractAuthenticator has an overloaded
getPasswordDigest() that does just that:

  public String getPasswordDigest(HttpServletRequest request,
                  HttpServletResponse response,
                  ServletContext app,
                  String user, String password)
    throws ServletException
  {

    if (_passwordDigest != null)
      return _passwordDigest.getPasswordDigest(request, response, app,
                           user, password);
    else
      return password;
  }

So I still claim the code below is sufficient (at least for Resin 3.0).
Anyway, glad I could help.

 /Mattias

>> ...
>>> ...
>>>
>>> public class MyJdbcAuthenticator extends JdbcAuthenticator {
>>>   public MyJdbcAuthenticator() {
>>>     super.setPasswordDigestRealm(null);
>>>   }
>>>
>>>   public String getPasswordDigest(HttpServletRequest request,
>>> HttpServletResponse response, ServletContext app, String user, String
>>> password) throws ServletException {
>>>     return super.getPasswordDigest(request, response, app, null, password);
>>>   }
>>>
>>>   public String getPasswordDigest(String password) throws ServletException {
>>>     return super.getPasswordDigest(null, null, null, null, password);
>>>   }
>>> }



_______________________________________________
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest

Reply via email to