Thanks, Bill .
In BasicAuthenticator.java , the authenticate() method gets the username and password
by calling :
String authorization = request.getAuthorization();
which gets the value from the authorization request header, which is the value to
be base 64 encoded of username and password.
A Valve is similar to a Filter, except that it is specific to Tomcat. The
reason to use a Valve here (instead of a Filter) is that Authentication
happens before any of the Filters get a chance to be called. However Valves
get called before Authentication, so you still have a chance to change
I have a question about WEBDAV and How authenticate works.
If i have this in web.xml
login-config
auth-methodBASIC/auth-method
realm-nameMyCustomRealm/realm-name
/login-config
It will get an Popup Log in dialog, and it will invoke my realm's
authenticate() method, with username
The simplest solution is to enable the SingleSignOnValve. This allows any
login to any Context to be passes to any other Context. If this doesn't
meet your needs, then you can:
1) Write a custom Valve to pickup the User.
2) Write a custom Authenticator that knows how to pickup the User.
Dinh,