-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Gabor,
Gabor Szokoli wrote: > On Nov 13, 2007 10:11 PM, Mark Thomas <[EMAIL PROTECTED]> wrote: >> Gabor Szokoli wrote: >>> My vague idea is to use a servlet filter to do the authentication, >>> which could doctor the request URL path or parameters to include the >>> authorization details. >> That sounds plausible. > > Thank you, we'll give it a try then. Might I suggest taking a look at securityfilter (http://securityfilter.sourceforge.net). Using that as a jumping-off point could significantly reduce the amount of work you need to do. Use of the FlexibleRealmInterface (which is poorly documented at this point, but there's not much code in the entire project) gives you access to the HttpServletRequest directly, so you can query anything you want from LDAP and stuff it into request parameters -- potentially for a second filter to pick up and modify the request. Just a thought. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHOy2f9CaO5/Lv0PARAjBtAJ98p12kS1gySK7k0fBYSbUxdFVvCwCfZSra XryP6Tg40u5r6dLI8JDMpyA= =7ZSP -----END PGP SIGNATURE----- --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
