Hi Rene,
You can have a look at http://www.kopz.org/public/documents/tomcat/jaasintomcat.html
It contains a "known-good" approach so it may be of some use to you.
Michiel
Rene Paulokat wrote:
hi again, fiddled araound with JAASRealm in tomcat 5.0.28 but still did not succeed.
so i`ll ask a few simple questions: (which actually seemed already answered to me while reading tons of faq/documentation - but it still does not work)
is it possible to authenticate users via servlet, when the actual page does not include action-url 'j_security_check' e.g. <form action="myservlet.do" method="POST">
i need to do so, because 'MyCallbackHandler' needs more specific data
if so, is it fuerthermore possible to do smthng like:
LoginContext ctx = new LoginContext("logonDef", new MyCallbackHandler(user,pass,object)); ctx.login();
if so, why do i have loads of problems when i try to retrieve MyCallbackHandler in my custom LoginModule when simple doin:
public class MyLoginModule implements LoginModule {
private Subject subject; private CallbackHandler handler; private Map sharedState; private Map options; private Logger logger;
public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState,Map options) { this.subject = subject; this.handler = callbackHandler; this.sharedState = sharedState; this.options = options; this.logger = Logger.getLogger(MyLoginModule.class); }
pubic boolean login() { MyCallbackHandler myhandler = (MyCallbackHandler) this.handler; // do something with it.. // but here the ClassCastException shows up ... } ... }
thanks in advance..
insanely rene
-- Michiel Toneman Software Engineer Bibit Global Payment Services Regulierenring 10 3981 LB Bunnik [EMAIL PROTECTED] Tel. +31-30-6595168 Fax +31-30-6564464 http://www.bibit.com/
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
