Hi, I'm trying to write a Valve which can be used to automatically setup a security association with an external server (JBoss), using the security information from a Catalina realm. This necessitates getting access to the username and password used to authenticate the user making the request.
This used to be trivial in Tomcat 3.2 (a few lines of code) but seems more complicated, if not impossible in Tomcat 4, which doesn't appear to provide easy access to the information - I can't actually work out whether it caches the password at all in fact. I've been looking at the code in AuthenticatorBase which appears to cache "notes" in the session object which could be used ?? However if I try and use these in a valve which is configured globally (not within a particular context) then there isn't a session available to access. Can anyone tell me if this is possible and if so give some hints about how I could go about it. cheers, Luke. -- Luke Taylor. Monkey Machine Ltd. PGP Key ID: 0x57E9523C http://www.mkeym.com -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>