The authentication will take place without any user intervention. For example, from a request parameter or cookie value.
BTW, I have just managed to get it to work by using a custom Valve that extends AuthenticatorBase and uses my JAAS realm. The valve adds the principal to the request and this in turn allows getRemoteUser() to work in the servlet. Is this the missing link between using JAAS and still supporting getRemoteUser()? Or is there a standard way of doing this? Thanks > Why is a callbackhandler not required? > > > p --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
