You got it: Authenticator is called before Filter. If you want to get in
before the Authenticator is called, then you need to use the
(Tomcat-specific, and totally non-portable) Valve.
Oliver Wulff [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
I wrote a custom
of the constraints)
-Original Message-
From: Oliver Wulff [mailto:[EMAIL PROTECTED]
Sent: Wednesday, April 02, 2003 11:51 PM
To: Tomcat Users List
Subject: Antwort: RE: Antwort: RE: Antwort: RE: user principal, realm
I wrote a custom HttpServletRequestWrapper and a filter. I've
overriden
, 2003 11:51 PM
To: Tomcat Users List
Subject: Antwort: RE: Antwort: RE: Antwort: RE: user principal, realm
I wrote a custom HttpServletRequestWrapper and a filter. I've
overriden the method getUserPrincipal() and isUserInRole(). The second one
just returns
true back (for test purposes).
Now
I have to overwrite the getUserPrincipal in this valve. I tried the
following:
public void invoke(Request request, Response response, ValveContext
context)
throws IOException, ServletException
{
logger.info(invoke);
HttpRequestWrapper wrapper = new HttpRequestWrapper
I wrote a custom HttpServletRequestWrapper and a filter. I've overriden the
method getUserPrincipal() and isUserInRole(). The second one just returns
true back (for test purposes).
Now, I have a problem if I define a security-constraint in the web.xml. I
get the following error if I try to access
As I understood your problem I think that you have to
implement your own RequestWrapper as your username is
not in an official attribute but a private one. (So
tomcat wouldn't know how to give this information to
a realm)
More on extending a RequestWrapper: