Ken Johanson wrote:
Is there another commonly used (perhaps not distib'd with tomcat)
implementation of Realm that allows a more programmatic type of
authentication?
I know that a couple other servers provide something like a
boolean <ServerName>.authenticate(String user, String pass), which
checks against the predefined (web.xml) datasources (allowing
pre-processing of form submitted username/password, such as username
aliases or cross-lookup against email address, etc)..
Hmm, I see from all the org.apache.catalina.Realm implementations that
come with Tomcat, that authenticate(user,pass) is already there - but I
currently don't know how to gain access to the Realm service from within
a servlet/jsp (where my controller might be)... and it seems to me that
it may not even be allowed (by design), since there could be security
implications to exposing all those interface methods to the servlet
level.. but if its possible, I'll take it! :-)
Thanks,
ken
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
