Re: Basic and Form Authentication

Wed, 02 Dec 2009 14:23:08 -0800 

Christopher Schultz wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

André,

On 12/1/2009 6:57 AM, André Warnier wrote:

Peter Crowther wrote:

2009/12/1 Anthony Jay <anthony...@fastmail.fm>:

As for cross application communication I will have to revisit our own
code to see if there are static/singleton services that can be
re-engineered and decoupled.

This may be one of the few appropriate times where you may want to put
code for the singletons (and all the classes that might be referenced
by your singletons) in common/lib.  It's not an ideal solution, but it
may save you considerable effort as those classes will then be loaded
by a single classloader, rather than the per-webapp classloaders.


Or then, this may be a case where you want to explore front-ending these
applications with an Apache httpd server, linked to Tomcat via an AJP
connector.
There is considerably more flexibility in Apache httpd regarding AAA
(since for one it is not bound by the servlet spec), and once a request
is authenticated, Apache and the connector will happily pass this
authenticated id to Tomcat.  And you would have to change nothing to
your servlet-engine side code, singletons and all.


Yeah, the problem is that AFAICT there is no standard way to do
form-based authentication with Apache httpd. HTTP BASIC AUTH works
wonderfully, but how would one implement form-based credential
gathering? Is a custom module required for this, or does httpd come
packaged with something that would work, even if a custom form /page/
would have to be developed that POSTs to a special URL?


Yes, the OP already hit that wall too.
There exist a plethora of Apache/mod_perl modules that do that, available on CPAN, and being myself a mod_perl guy and using such modules all the time, I never throught it could be an issue. But strangely enough indeed, it does not appear that there exists a standard Apache module, part of the standard distribution, which handles form-based logins. I find that quite puzzling, and cannot quite believe this. I will enquire on the Apache forum about it. 





---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to