Emsley, I (Iain) wrote:
I'm trying to implement a JDBC realm to compare a cookie against a
database to authenticate an identity but my current application falls
over trying to get a password where one doesn't exist (they are checked
earlier on in the cycle in another section of the programme).
JDBCRealm (and DataSourceRealm) expect a username and password, and
they're provided by an Authenticator configured elsewhere (e.g.
FormAuthenticator).
Is there a way of overriding the getPassword which the Realm appears to
want or am I best off trying to put a custom realm together?
Maybe you could start over, and elaborate a little on what you're trying
to achieve?
If you're attempting a 'remember me' type facility, for example, then
you should look into SecurityFilter, which does this and a few other
things rather well, and will save you writing and security testing your
own authentication code.
p
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
