On Thu, 7 Feb 2002, Marc Tinkler wrote:
> Date: Thu, 7 Feb 2002 19:30:20 -0500
> From: Marc Tinkler <[EMAIL PROTECTED]>
> Reply-To: Tomcat Developers List <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: Aggregate Realms?
>
> Hello,
>
> Since containers can only have a single realm, I would like to implement a Realm
>that acts like an aggregator. It could contain other realms, and delegate
>authenticate calls to each one, in order, and the first on that answered would
>provide the Principal. This should be easy to implement, but the hard part is
>getting a hook into the xml mapper to do the configuration.
>
> Ideally, you would want the server.xml file to look something like this:
>
> <Realm className="com.plumbdesign.tomcat.realm.AggregateRealm">
> <Realm className="org.apache.catalina.realm.MemoryRealm" />
> <Realm className="com.plumbdesign.tomcat.realm.ActiveDirectoryRealm"
> serverName="ad.foobar.com"
> domainName="foobar.com" />
> </Realm>
>
>
> My question is, can this be done? Is there any way for a realm to add
> XMLActions to control the way it is deserialized from XML? Any ideas?
>
Right now, the nested <Realm> elements would not be recognized, because
the pattern matcher matches on things like ".../Context/Realm" but not
".../Context/Realm/Realm". One option would be to define a bean property
on your AggregateRealm implementation that pointed at an external XML
file, for which you could then construct your own XmlMapper (4.0) or
Digester (HEAD branch) to parse the nested realms, based on the rules that
Catalina normally uses.
In the HEAD branch, Digester also has the ability to recognize some wild
card patterns like "*/Realm" to match a <Realm> element no matter where it
is nested. It would take some refactoring of how the Digester rules are
created (in ContextConfig), but might be feasible.
> Marc Tinkler
>
Craig McClanahan
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
