Hi, is it possible, to write other FormAuthenticators?
I am interested in a class MyFormAuthenticator that can be used instead of the FormAuthenticator shipped with tomact. The difference to FormAuthenticator would be small: instead of using the parameters j_username and j_password only, the corresponding form would contain a third parameter, e.g. j_xyz, which is then additionally used for authentication. That is, I would also need my own class MyRealm, that has a method with the signature Principal authenticate(String, String, String) This additional authentication method (form based with three parameters, username, password and something else) should not contradict the servlet 2.4 and j2ee 1.4 specs -- but I am no expert. I am really new to tomcat, so I cannot judge whether there are problems that make this impossible or complicated to implement. The intention is, that MyFormAuthenticator can be specified in the Form Authenticator Valve and MyRealm in a Realm tag. Unfortunately the doc says, that this MUST not be done. Why? Thanks for any answers, Andreas Schenk --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
