On 23.08.2017 16:51, ken edward wrote:
Hello,
I have tomcat value for authentication implemented and working
(keycloak saml tomcat adapter). but how can I implement a fallback to
form/basic authentication? Can I chain auth valves?
Not really my area, but since nobody else seems to respond, I'll tell you what
I believe :
From the Valve documentation (at
http://tomcat.apache.org/tomcat-8.0-doc/config/valve.html) I see nothing that would
indicate that Valves cannot be chained.
In fact, it is rather the opposite, implicitly : some of the listed Valves would not make
sense if they did not allow another Valve to be inserted also (such as the AccessLog Valve).
But I also do not see any explicit mention of what happens when several Valves are defined
in the same "configuration scope" (such as : in what order are they "executed", compared
to the order in which they are listed in the configuration), which may be of importance to
you. (Obviously, you'd want a Form/Basic auth to be invoked only if your other Valve fails
first, and not before your own Valve).
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
