-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Iain,
Emsley, I (Iain) wrote: > What I'm trying to achieve is when the user logs in on main site and > clicks the link to the Java calendar, the link will read the cookie > (extracting the user name/password and converting into hex to send back > to the main config files to check if its valid whilst also checking that > they are a member of our service) and then grant access to the > application on success. Shouldn't this happen automatically? When the browser makes an HTTP connection to your server, as long as the hostname and path match, the cookie will be sent automatically. Am I misunderstanding your thought? Are you trying to implement "remember me" functionality? > I was looking at the JAAS realm since the user information is kept in > what is essentially a flat file db and trying to write a LoginModule > which replicates the existing Perl scripts actions for checking > username/password and membership. I have no experience with JAASRealm. Would it be easier to write a simple Realm instead of dealing with JAAS? > AFAIUI, I'd need to write a servlet to > process the cookie before hitting the JAAS realm though. That's not going to happen: if you're using Tomcat's built-in authentication and authorization mechanism, then basically none of your code gets to run before the authentication is performed (unless you write your own Realm, or JAAS LoginModule). > Have I > understood this correctly or can I get the LoginModule to do the > processing (which appears to be implied in the Tomcat manual on Realms)? Hopefully, the request object is available to your LoginModule or Realm in order to do the authentication. That would allow you to substitute the authentication information from the cookie instead of attempting to get it from the request (parameters). > Ultimately I will need to be able to log users in via http, https and > the Shibboleth Single Sign On (for which I know there is a JAAS realm). Aah, a better reason to use JAAS ;) > As I understand it, as long as I have a config which lists all the > various login methods, I should be able to stack these onto one Tomcat, > or have I also misunderstood this? Sorry, I can't answer this, but I think that's what JAAS was made for: multiple authentication methods glued together, and a simpler, more stable interface (LoginModule) for implementation. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHDlxR9CaO5/Lv0PARAlr3AJ9LDhSciOxAXJZ94uu5eOkNdoodhQCfZHtG PPrHJfLQe4qapF3p7xv4Y6k= =W8zh -----END PGP SIGNATURE----- --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
