On Thu, 14 Nov 2002, Bill Barker wrote:
> Date: Thu, 14 Nov 2002 23:18:54 -0800 > From: Bill Barker <[EMAIL PROTECTED]> > Reply-To: Tomcat Developers List <[EMAIL PROTECTED]> > To: Tomcat Developers List <[EMAIL PROTECTED]> > Subject: Re: Authenticator Documentation > > > ----- Original Message ----- > From: "Craig R. McClanahan" <[EMAIL PROTECTED]> > To: "Tomcat Developers List" <[EMAIL PROTECTED]> > Sent: Thursday, November 14, 2002 10:47 PM > Subject: Re: Authenticator Documentation > > > > > > > > On Thu, 14 Nov 2002, Bill Barker wrote: > > > > > Date: Thu, 14 Nov 2002 22:08:36 -0800 > > > From: Bill Barker <[EMAIL PROTECTED]> > > > Reply-To: Tomcat Developers List <[EMAIL PROTECTED]> > > > To: Tomcat Developers List <[EMAIL PROTECTED]> > > > Subject: Authenticator Documentation > > > > > > Browsing the documentation for 4.1.x, I couldn't find any information on > how > > > to configure an Authenticator. I know that is probably belongs on > > > tomcat-user :), > > > > Because you're so diligent about answering TOMCAT-USER questions, we'll > > forgive you this time :-) > > > > > and I know how it is done. What I'm looking for is the page > > > (if any) to update. > > > > During initialization of a new webapp, Catalina uses the value of the > > <login-method> (which should be BASIC, DIGEST, FORM, or CLIENT-CERT) to > > look up the name of the corresponding Authenticator (which is also a > > Valve) class in the resource file > > org/apache/catalina/startup/Authenticator.properties, instantiates an > > instance, and adds it to the set of Valves to be used for the webapp being > > initialized. The Authenticator instances themselves don't have any > > customizable properties -- they just implement the requirements of the > > servlet spec. Is there some specific customization that you would like to > > be able to configure? > > This much I know. I also know that if under a <Context> I do: > <Valve className="org.apache.catalina.authenticator.FormAuthenticator" > noProxyCaching="false" debug="10" randomClass="my.Random" /> > > than all of the above is skipped (and it is my fault if <login-method> != > FORM :). > Whaddya know ... a feature I forgot about :-). Indeed, the initialization code has a special check that, if you've already configured an Authenticator valve for this webapp, it will ignore the <login-method> and just assume you know what you're doing. > I just added the "noProxyCaching" attribute, and wanted to know is if there > is a page in the docs that I should change to document this (so I have less > questions to answer on tomcat-user :). I feel your pain :-). I don't think we have this documented at all right now. It would probably be worth adding a section on the page "webapps/tomcat-docs/config/valve.xml" about the standard Authenticator valves and the properties that they support. By the way, doesn't "noProxyCaching" end up being a double negative? Would it make more sense to call it "disableProxyCaching" or something like that instead? Craig -- To unsubscribe, e-mail: <mailto:tomcat-dev-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:tomcat-dev-help@;jakarta.apache.org>
