-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Konstantin,
On 3/30/17 4:19 AM, Konstantin Kolinko wrote: > 2017-03-30 11:02 GMT+03:00 Jan Vávra <va...@602.cz>: >> Hello, I have written a custom Realm and I need to access to the >> request headers. The authentication should be computed from >> client certificate + id from custom http header X-IdUser. Can I >> somehow access to the HTTPServletRequest instance ? > > Not possible, by design. > > An Authenticator (a valve) can access request and its headers. A > Realm cannot. I've always been frustrated by this, and it's one reason I do not use Tomcat's build-in authentication. I need to log authentication failures and their sources (IP address) and this information is simply not available through the Tomcat-provided APIs. I think there is definitely an opportunity here for improvement. - -chris -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJY3UoGAAoJEBzwKT+lPKRYngYP/2d9bQ7Br8vfBd3Mta0GYpPk psBNuDCcujkz4rUy0t/1k5ttiCI7coTjkt7joeeMH47A6mhJTbeGGAG+xm/5+Nc4 1lx7kzjDG9fbsrpXzGM3uQT46oikFuHrhzF09E0vAKRyG8mzgc/6jo+oo6M6hdeo RreEe5Fvl1jLHRQTTeSDOdoQ+lDDkwWSS27mmTt8QlDEYdRrJTZZ8thO0LtlZlov +RZB9OtDjl1nriHzBLGmL+Ea2IlctUxTYRuTdynm+IgQzbznMdAfUEwPmYab19RC cxFlm8LcVMT+5UG0JM0xLj1y2NO9+sd+lsvwzv6nNPCXdHQ5raj0IWFX/122wI/U HQFai0pax+XRfCJ+nUFldrROyvPiIQAPOHDRsXOlJOOUDrdXXB4kPya8TwvMRfYp +ueoai3AAExdpT+M8ctto5k97ROw1mwvrWK4nOdKM0nOQ2AMAhTzn0YbDmYjzmgQ Zy8cfBfR5PKL6nBcMjw6BZYZQ+OGSA5vq3Ha+uY6Gk+45TgT3QmYJgeZMUR6auDk URiHtDJCBP/8L+7BbjFaQtgK0NT2WTez4Lt1UbPSQzzCsqGGvpmo5ZGxw5BFkfBX oMTct5G4WKrf8jRq+SV4hZtjCZ/AFAdWMzSWg6MddtboIH3rAWaqiaTIv9DYFuRK n1I4+e6VN9BoKfNfhxvL =KTR1 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org