Greetings,
A while back I did some patch work on the catalina.realm.JAASRealm class. I learned a lot in the process.
Shortly thereafter, I wrote a (personal) JAAS LoginModule that uses a JDBC database as the authentication data source. It works great. One of the things I wished I could incorporate into the LoginModule was the ability to leverage Tomcat-managed JNDI resources. That way, I could take advantage of connection pooling, reduce the need to spray credentials into JAAS conf files, etc.
I tried to do it, but couldn't make it work. After many days of troubleshooting and debugging, I realized the source of the problem. JNDI resources did not seem to be available to the threads that call JAASRealm (or any other realms, for that matter). I noted that the JDBCRealm has this TODO:
Support connection pooling (including message
format objects) so that <code>authenticate()</code> does not have to be
synchronized and would fix the ugly connection logic.
Making JNDI resources available to the realms would fix my problem and this one too; all that would be required would be some sort of JNDICallback that JAASCallbackHandler could use to satisfy a JNDI resource request by the JAAS login module. Assuming that making JNDI resources (read-only copies of the global + local context resources) available is a good idea, what's the best way to go about it? I looked at quite a bit of code in catalina/naming and other places; it wasn't very obvious how to do it.
Regards,
Andrew
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
