-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Andrei,
Check out securityfilter (http://securityfilter.sourceforge.net). It implements a filter as suggested by someone else, but it has been used by others. Why reinvent the wheel? There are two different interfaces that you can implement in order to do your own authentication. One of these interfaces allows you to get the whole HttpServletRequest object. - -chris Andrei Tchijov wrote: > Hi, > I want to be able to add my own authentication method > (login-config/auth-method) as one of possible choices. Is it possible > to do so without re-compiling tomcat? Ideally, I would love to be able > to achieve my goal by changing server.xml file (and adding some jars > with my custom code to tomcat). > > Before any one suggested that I should write custom Realm: I think it > will not work for me. My authentication method require access to ALL > information available from HTTP Request (not just user name/password) > also in some situations, access to HTTP Response is required as well. It > looks like this method: > > protected abstract boolean authenticate(Request request,Response > response,LoginConfig config) throws IOException; > > or AuthenticatorBase class is the best place to be. > > > Your comments will be highly appreciated, > > Andrei Tchijov > > > > --------------------------------------------------------------------- > To start a new topic, e-mail: users@tomcat.apache.org > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGaK0E9CaO5/Lv0PARAtKvAJ90h8NFrIennqNNd8iIdjlYQ9Vr7QCfS/IW q39ssFcASe8Vqahla2mqVIU= =7CGy -----END PGP SIGNATURE----- --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
