I think what you are after is well beyond tomcat's realm
authentication/authorization implementation.
You could implement your own login page and filter (notice I didn't
mention realm). The login page/servlet can validate users, track the
error rate and opt for showing CAPTCHA as necessary.
Hi David,
I don't like realm because I don't want to implement a new
authentication repository, I only want to implement a new authentication
method. Doing this at the realm level limit the possibilities of the
form, i want to do captcha validation when the user has has tw
consecutive errors
En l'instant précis du 04/07/07 10:15, rpr_listas s'exprimait en ces
termes:
> Hello David,
>
> I know that this is out of the specification, and bind my application
> to this server implementation, but modify the realm has the same
> problem, transform my application in a tomcat-only application.
Hello David,
I know that this is out of the specification, and bind my application to
this server implementation, but modify the realm has the same problem,
transform my application in a tomcat-only application.
Build a custom authentication is not solution, because this disconnect
the appli
David and Ricardo,
David Delbecq wrote:
> 2) Don't rely on container security and provide your own security with
> you own whatever forms.
Securityfilter (http://securityfilter.sourceforge.net) is a drop-in
replacement for container-managed security that is implemented as a
filter and can be exte
Hello,
Form authnetificator does form based authentification regarding the
corresponding J2EE specifications, which specify the submit name of the
username field (j_username), the submit name of the user password
(j_passwrd), and that's all. Of course you, developper of webapplication
can customiz
Hi all!
I'm thinking in implement a captcha
(http://en.wikipedia.org/wiki/Captcha) protection for web-based
authentication. I'm looking in the tomcat surce and the form
authentication seems be implemented by
org.apache.catalina.authenticator.FormAuthenticator class. But I'm not
sure if chan
