It really depends on what you need to do. For the simplest case, you implement your own Realm (public class MyRealm implements org.apache.cataliana.Realm), and configure it in server.xml like anyother Realm. In TC 4.x, Realms don't have access to the Request/Response: They just get the login credentials, and are expected to validate them (or not :).
If you need more control on authentication, then you need to implement a custom Authenticator (public class MyAuthenticator implements Valve,Authenticator). This class gets full control over authenticating a Request, and can access anything in the Request/Response. You configure it via: <Context path="/myapp" docbase="webapps/myapp"> <Valve className="com.myfirm.mypackage.MyAuthenticator" .... /> </Context> Neither of these (but especially the second) plays well with the admin webapp. "Eric Chow" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Hello, > > In Tomcat, we can use container based authorization. > > Those username/password information can be place in a XML files or use > DBRealm, right ? > > > How can I implement a login module, so that the Web Container will called my > module instead of the default login module. > > For example, the following is my login.jsp. > > <form action="j_security_check" method="post" name="fm"> > <input name="j_username"> > <input name="j_password"> > <input type="submit" value="Login"> > </form> > > When the above submit, it will pass to my LoginModule, how can I implement > that part? > > Best regards, > Eric > > ========================== > If you know what you are doing, > it is not called RESEARCH! > ========================== --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
