Christopher Schultz wrote: >> Would it also be possible to change the behavior of the >> combinedRealm/LockoutRealm such that if username is found in prior >> realm and password is incorrect, then it skips the other realms? It >> only look into the other realms if username is not found in prior >> realms. > > I'm sure you could do that: you're the author of that realm!
Actually, that would be me ;) These are new realms shipping with 6.0.20 and later. It would be rather difficult to do this as the Realm interface is designed to return a Principal if you are authenticated and null if not. There is no easy way to tell why the authentication failed. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
