You can probably do this with JAAS, which is included in j2sdk1.4.0 and was an add-on on 1.3. The main problem I had originally was with the CallbackHandler, which is supposed to get input from the user. I couldn't figure out how to have the CallbackHandler object create an HTML form, send that to the user, and have the "submit" bring the data back into the originating (or a cooperating) object. I think there are ways to do it, but I never did get that worked out, so I subclassed LoginContext so I could pass the account ID / password data into the LoginModule. It all works fine for authentication. Authorization doesn't seem to be working in Tomcat 4 yet (in fact, you get different behaviors out of 4.0.1 and 4.0.3 with the same application).
This approach doesn't use any of Tomcat's security mechanisms (other than running with a security manager). If you look into all that and are interested in the LoginContext source, let me know. Also, if you want links to some of Sun's documentation on JAAS, I can go dig those out.

Mark

-----Original Message-----
From: David Lu [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, April 09, 2002 9:14 PM
To: [EMAIL PROTECTED]
Subject: Integrating with JDBCRealm

Hi,

I am able to get JDBCRealm working in my app. However, I'd also like to create a "login" form that posts to my own servlet instead of j_security_check. This allows me to manually authenticate the user, and sends him on to the appropriate "home" page depending on his role.

What's the best way of doing this in Tomcat? Can I hook into Tomcat's Authenticator and JDBCRealm? Or do I need to extend them and write my own? I'd like to have both systems work together, i.e. if a user authenticates via my servlet then I do not want Tomcat's container managed authentication to kick in.

I'm running Tomcat version 4.0.3.

- David -

--
To unsubscribe: <mailto:[EMAIL PROTECTED]>
For additional commands: <mailto:[EMAIL PROTECTED]>
Troubles with the list: <mailto:[EMAIL PROTECTED]>