Mark Thomas wrote:
Ken Johanson wrote:
Hi all,
I am able to access the current context's org.apache.catalina.Realm
object using Yoav Shapira's Tomcat-Realm example; however, when I call
Realm.authenticate(String user, String pass), the Principal object that
it returns is not being registered with the session..
In other words, subsequent requests (inside the same webapp / context
that I'm calling invoking Realm.authenticate from) just return null for
getRemoteUser() and getPrincipal()...
Shouldn't authenticate() register the Principal with the Session
automatically? Or do I need to call register() in interface Authenticator?
Thank,
ken
What are you trying to do? From the amount of access you seem to need
to Tomcat internals, you might be better off just writing a custom
realm and/or authenticator.
Mark
Mark,
I'm trying to write a facade API that will call into whatever
Realm/Authenticator that the user already has configured (though an
abstract/overridden method)... the idea being that no changes to the
user's existing auth config or modules are required, nor that the user
should need to change out any custom realm/authenticator that they may
have written, for mine. So the solution needs to transparently call into
some existing method(s) in the 'Base' classes or interface impls..
This would be exposed in something like: static boolean
Tomcat5.authenticate(request, response, user, pass); (Or an X509 chain)
Hope this makes sense,
ken
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
