On Tue, 23 Jul 2002, Andrew Grosser wrote:
> Date: Tue, 23 Jul 2002 04:39:09 +0000
> From: Andrew Grosser <[EMAIL PROTECTED]>
> Reply-To: Tomcat Developers List <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: Re: How to start the j_security_check servlet if using
> SSLAuthenticator
>
>
> It should be possible to include this "magic" url in the SSLAuthenticator
> class too, no?
>
Are you planning to violate the servlet spec requirements for one and only
one authentication method (in the <login-config> element)? If so, then,
of course you can do whatever you want to your own copy of
SSLAuthenticator -- but we can't do this to the standard one.
It's certainly not obvious to me what you're trying to accomplish with
supporting both. The whole point of CLIENT-CERT authentication is to
avoid the need to challenge the user for their password -- the client
certificate is supposed to be sufficient proof of who they are.
Craig
> thanks
>
> >From: "Craig R. McClanahan" <[EMAIL PROTECTED]>
> >Reply-To: "Tomcat Developers List" <[EMAIL PROTECTED]>
> >To: Tomcat Developers List <[EMAIL PROTECTED]>
> >CC: [EMAIL PROTECTED]
> >Subject: Re: How to start the j_security_check servlet if using
> >SSLAuthenticator
> >Date: Mon, 22 Jul 2002 21:25:30 -0700 (PDT)
> >MIME-Version: 1.0
> >Received: from [192.18.49.131] by hotmail.com (3.2) with ESMTP id
> >MHotMailBF062625008F400431D9C01231839BEF0; Mon, 22 Jul 2002 21:27:17 -0700
> >Received: (qmail 4771 invoked by uid 97); 23 Jul 2002 04:26:00 -0000
> >Received: (qmail 4759 invoked by uid 98); 23 Jul 2002 04:25:59 -0000
> >>From tomcat-dev-return-15135-dioptre Mon, 22 Jul 2002 21:27:35 -0700
> >Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm
> >Precedence: bulk
> >List-Unsubscribe: <mailto:[EMAIL PROTECTED]>
> >List-Subscribe: <mailto:[EMAIL PROTECTED]>
> >List-Help: <mailto:[EMAIL PROTECTED]>
> >List-Post: <mailto:[EMAIL PROTECTED]>
> >List-Id: "Tomcat Developers List" <tomcat-dev.jakarta.apache.org>
> >Delivered-To: mailing list [EMAIL PROTECTED]
> >X-Antivirus: nagoya (v4198 created Apr 24 2002)
> >In-Reply-To: <000801c231ff$96d41c60$0100a8c0@ga>
> >Message-ID: <[EMAIL PROTECTED]>
> >X-Spam-Rating: localhost 1.6.2 0/1000/N
> >X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N
> >
> >Right now, the choice between FORM and CLIENT-CERT is an either-or choice
> >in the servlet spec -- you cannot choose both on the same web application.
> >
> >The "j_security_check" URL is not actually mapped to a servlet -- it is a
> >"magic" URL that is only enabled (by FormAuthenticator) when the form
> >login page has been displayed. None of the rest of Tomcat has a clue what
> >j_security_check is for.
> >
> >Craig
> >
> >
> >
> >On Tue, 23 Jul 2002, Andrew Grosser wrote:
> >
> > > Date: Tue, 23 Jul 2002 13:15:33 +0900
> > > From: Andrew Grosser <[EMAIL PROTECTED]>
> > > Reply-To: Tomcat Developers List <[EMAIL PROTECTED]>
> > > To: [EMAIL PROTECTED]
> > > Subject: How to start the j_security_check servlet if using
> > > SSLAuthenticator
> > >
> > > Hello,
> > > I have been looking at extending the SSLAuthenticator class to accept
> > > Certificates AND Form type logins using a JDBC connector.
> > > This would have seemed relatively simple - but I have not been able to
> > > instantiate the j_security_check servlet for the SSLAuthenticator class
> > > (as it seems to only work for FormAuthenticator).
> > > I have not been able to find the reference for where j_security_check is
> > > called by the Context config/manager and how it recognizes whether the
> > > authentication used is of type FORM/CLIENT-CERT
> > >
> > > Perhaps it has something to do with the difference between
> > >
> > > ContextConfig[]: Configured an authenticator for method FORM
> > >
> > > And
> > >
> > > ContextConfig[]: Configured an authenticator for method CLIENT-CERT
> > >
> > > But I cant seem to find it anywhere.
> > >
> > > Please help
> > >
> > > Cheers
> > >
> > >
> >
> >
> >--
> >To unsubscribe, e-mail:
> ><mailto:[EMAIL PROTECTED]>
> >For additional commands, e-mail:
> ><mailto:[EMAIL PROTECTED]>
> >
>
>
>
>
> _________________________________________________________________
> Send and receive Hotmail on your mobile device: http://mobile.msn.com
>
>
> --
> To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
>
>
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
