Hello,
I try to get the following to work (Apache Tomcat/5.5.9 as ServletContainer
within JBoss 4.x):
I have a servlet inside a web application which is protected by Basic
Authentication. The problem is that I have some clients which cannot do the
challenge response basic authentication needs. They are identified via the
hardware serial number of their device which is submitted in the request.
So I want to do a lookup in an own database table containing a mapping from the
hardware serial number to the user's username and password and then add the
basic authentication authorization header before tomcat/JBoss does the
authorization.
I developed a simple valve to test:
public class PenFrameworkAuthenticationValve extends ValveBase {
public void invoke(Request request, Response response) throws
IOException, ServletException {
Log log = container.getLogger();
log.info(this.getClass().getName() + " called.");
request.addHeader("Authorization", "Basic am9jaGVuYjpqb2NoZW5i");
this.getNext().invoke(request, response);
log.info(this.getClass().getName() + " finished.");
}
}
But the problem is, that this valve is called after the basic authentication
took place (exactly as it happens if I try to use a servlet filter).
Is there another possibility to achieve what I want using JBoss or Tomcat
functionality?
Kind regards
Jochen
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
