Re: Add custom Authenticator in context.xml
I guess it's for OAuth2. I'm using apache OAuth2 module and AJP in Tomcat. That's just great to externalize authentication out of the application, it works well, avoid bad design by nature ... but : - OAuth2 is mostly defined for an application authentication while in JEE the authentication mecanism are mostly serveur side. - java frameworks trend to code or put everything inside the app, while JEE protected it keeping it outside of the app (in the container) Message initial De: Thomas Meyer Répondre à: Tomcat Users List À: users@tomcat.apache.org Objet: Add custom Authenticator in context.xml Date: Sat, 4 Jul 2020 20:54:17 +0200 Hi, a while ago I did write a little POC of how to add a customauthenticator scheme to tomcat. this is what I did come up with: https://github.com/thomasmey/BearerTokenAuthenticator It's rather complicated solution!Is there an more easy solution to add a custom authenticator scheme to a Context/context.xml? Mfgthomas --- --To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.orgFor additional commands, e-mail: users-h...@tomcat.apache.org
Re: Add custom Authenticator in context.xml
Am 6. Juli 2020 14:14:59 MESZ schrieb Mark Thomas : >On 04/07/2020 19:54, Thomas Meyer wrote: >> Hi, >> >> a while ago I did write a little POC of how to add a custom >> authenticator scheme to tomcat. >> >> this is what I did come up with: >> https://github.com/thomasmey/BearerTokenAuthenticator >> >> It's rather complicated solution! >> Is there an more easy solution to add a custom authenticator scheme >to a Context/context.xml? > >How about: > >1. Extract the Authenticators.properties file from catalina.jar > (or from source) >2. Edit it to reference the custom Authenticator >3. Place it at $CATALINA_BASE/lib/org/apache/catalina/startup >4. Add the JAR with the custom authenticator to $CATALINA_BASE/lib > >which would make it generally available to use in WEB-INF/web.xml Okay, understand! Nice trick. > >Or > >1. Add it directly to context.xml as: > > > className="de.m3y3r.catalina.authenticator.BearerTokenAuthenticator" /> > Ah, okay an Authenticator is also a Valve, I didn't think about this! I will play around with this setup a bit. thanks for the hint! > >which you would need to do for each app that wants to use it (or set it >in the global web.xml for all apps). > >Mark > >- >To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Add custom Authenticator in context.xml
On 04/07/2020 19:54, Thomas Meyer wrote: > Hi, > > a while ago I did write a little POC of how to add a custom > authenticator scheme to tomcat. > > this is what I did come up with: > https://github.com/thomasmey/BearerTokenAuthenticator > > It's rather complicated solution! > Is there an more easy solution to add a custom authenticator scheme to a > Context/context.xml? How about: 1. Extract the Authenticators.properties file from catalina.jar (or from source) 2. Edit it to reference the custom Authenticator 3. Place it at $CATALINA_BASE/lib/org/apache/catalina/startup 4. Add the JAR with the custom authenticator to $CATALINA_BASE/lib which would make it generally available to use in WEB-INF/web.xml Or 1. Add it directly to context.xml as: which you would need to do for each app that wants to use it (or set it in the global web.xml for all apps). Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
