Is this not more or less what JAAS does? There are a number of JAAS
modules at http://free.tagish.net/ that implement among other things a
JDBC Authentication provider.
Michael Jennings wrote:
>
> Hi everyone,
>
> Just for my own education, I decided to write my own authentication-stuff
> for tomcat 3.2.2
>
> To that end I wrote a Request Interceptor that takes 2 parameters
> called "realmProviderClass" and "setupString".
>
> The "realmProviderClass" is the fully-qualified class name of a class which
> implements
> the "RealmProvider" interface which looks like the following:
>
> public interface RealmProvider
> {
> public boolean authenticate(String username, String credentials) throws
> Exception;
> public String[] getUserRoles(String username) throws Exception;
> public boolean initialize(String setupstring) throws Exception;
> public void shutdown() throws Exception;
> }
>
> The "setupString" parameter is passed to the initialize method of the
> RealmProvider class
> during context initialization.
>
> I thought that this might be an easy way to implement various different
> authentication schemes
> by delegating to a "RealmProvider". One could write a "SimpleRealmProvider"
> or a "JDBCRealmProvider"
> etc.
>
> Does anyone think this might be a good idea for inclusion in tomcat?
> -Mike
>
> ______________________
> Mike Jennings
> Southgate Software Ltd.
> 250-382-6851 (ph)
> 250-382-6800 (fax)
> [EMAIL PROTECTED]
--
Andy Armstrong, Tagish
