Do your logs indicate your custom authenticator is active or does it throw an error? ANS-->>> tomcat logs and other logs doesn't show any exception or even traces added in the valve class. In Tomcat 6 we are able to see logs added in our implemementation of AuthenticatorBase class.
How had you configured the authenticator to work in Tomcat 6.0? ANS-->>> In Server.xml we have defined Realm under Engine <Realm className="com.xyz.platform.realm.Realm" realmPluginClass="com.xyz.org.realm.MyRealmPlugin"/> </Engine> In Web.xml of the application we have defined following <security-constraint> <web-resource-collection> <web-resource-name>Web application name</web-resource-name> <description>Simple constraint for web resources</description> <url-pattern>/*</url-pattern> <http-method>HEAD</http-method> <http-method>POST</http-method> <http-method>GET</http-method> <http-method>PUT</http-method> <http-method>DELETE</http-method> </web-resource-collection> <auth-constraint> <description>Simple constraint</description> <role-name>app-user</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>My App Realm</realm-name> </login-config> In context.xml inside META-INF of the application we have defined Valve <Context path="/myapp" docBase="myapp" debug="0" privileged="true"> <ResourceLink name="tomcatHelper" global="MyTomcatHelper" type="com.my.app.tools.tomcat.MyTomcatHelper" /> <Valve className="com.my.realm.valve.AuthenticationValve" characterEncoding="UTF-8"/> </Context> ---------------------------------------------------------------------------------------- The same is present in Tomcat 7.0.20 but the AuthenticatioValve is not hitting. One more thing that we have observed that in CATALINA_HOME/conf/Catalina/localhost/ directory in7.0.20 we are not having any xml while in Tomcat 6 we are having application context.xml like files. Thanks Sachin On 2/16/12, Pid <p...@pidster.com> wrote: > On 16/02/2012 12:30, Sachin Mehrotra wrote: >> Hi >> >> After upgrade from Tomcat 6 to Tomcat 7.0.20, our Basic Authentication >> valve is not hitting. It seems it is overlooking our implementation of >> Basic Authentication. >> Below is the implementation: >> We are having Realm that is doing authentication using our >> authentication server. Before that we are having a Valve defined in >> /META-INF/context.xml that is doing some pre-authentication based on >> the token define in the HTTPs request. >> If the token matches our creteria then Realm is hitting for actual Auth. >> >> This was working fine when Tomcat 6 was there and we were able to see >> the logging coming that was added to our Implementation of Baisc >> Authenticator. > > There's no guarantee that the internals of Tomcat remain the same > between releases. > > Do your logs indicate your custom authenticator is active or does it > throw an error? > > How had you configured the authenticator to work in Tomcat 6.0? > > > p > > > > -- > > [key:62590808] > > -- With Regards Sachin Mehrotra --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org