-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Kerrin,
Kerrin Hardy wrote: | I have investigated Security Filter, and I don't see how that gives | me access to the IP address of the client. You have to implement your own Realm. If you use FlexibleRealmInterface, you have access to the entire HttpServletRequest, including things like the IP address. I have used this technique myself to do exactly as you desire. | It is upmost importance that I log the IP address of both successful | and unsuccessful logon attempts, which is why this must be done | outside the application. In any case, you will have to either hack the Tomcat authentication code or disable container-manager authentication, since Tomcat intercepts all authentication requests and your code will never have a chance. That's why I suggested sf. Hope that helps, - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkfFcXsACgkQ9CaO5/Lv0PCk8wCgmedUvzj0F5anfYO8JV9bwu+i KjgAoKR4/RnUthp1naytQbIWYNT/8wa2 =xjlg -----END PGP SIGNATURE----- --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
