Assuming that your Realm is really an o.a.c.Realm, then all you need is to
write an Authenticator to work with your Realm. Something like:
public class MyAuthenticator extends
org.apache.catalina.authenticator.AuthenticatorBase {
public boolean authenticate(Request request, Response res
Our users don't currently logon to our Tomcat servers directly; they are
redirected to the Tomcat servers with their encrypted credentials (a
security token). Our Tomcat Database Realm then seamlessly
re-authenticates the user on the Tomcat server.
We currently don't use Tomcat's container man
