Dinh, Chinh wrote:
Thanks for the response. My situation is like this:
- I created my own Realm for webDAV access. When I launch http://localhost:8080/webdav, it will first call myREalm's authentication(). Within authentication(), I calls some existing authentication class, which returns a USER object (basically, has some application specific user properties). - After the authentication is successful (from a Log-in Dialog box, for example), it will get to my servlet (in this case, a webDAVservlet). In this webDavServlet, I would like to get the USER object that I stored as a data member in my Realm class. - That is the reason I want to be able to get the realm object from the servlet. Any advise ? Thanks . - Chinh
If you want to replace the current servlet authentication, you may want to implement that as a filter instead of a realm. Just search that list and you will find very good recommendations on how to do it. The filter have access to the principal (via the HttpServletRequest object). From that, I'm sure you can implement what you want.
-- Jeanfrancois
Jean-Francois Arcand <[EMAIL PROTECTED]> wrote:
Dinh, Chinh wrote:
I have a tomcat question for you .No. For security reason, a servlet should not have access to any Tomcat classes. If your app is able to have access to those methods, any malicious app can also have access and snif the information.
In Tomcat’s server.xml, we define a realm (only ONE)
When tomcat starts, I think it will instantiate a realm object of this type .
I am trying to find a way to access this realm object in my servlet (the servlet that starts after the realm's authentication
succeeds).
There’s a method “getRealm()” from org.apache.catalina.core.ContainerBase , but how would we get this ContainerBase ?
Why do you want to have access to the realm?
Does Tomcat have some kind of global object of this type ?
No...and in Tomcat 5,we have enforced the security protection mechanism so it is mostly impossible to invoke Tomcat internal classes (when the security manager is turned on)
Thank you . Chinh
-- Jeanfrancois
--------------------------------- Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month!
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------- Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month!
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
