On 02/02/2012 15:00, Christopher Schultz wrote: > Jan, > > On 2/2/12 6:26 AM, Jan Vávra wrote: >> Is it possible to configure tomcat to call both variants of >> functions? I'd like to write something like >> <auth-method>CLIENT-CERT or BASIC</auth-method>. > > The servlet spec doesn't support anything like this. I think what > you'll have to do is write your own Authenticator. You can configure > your own Authenticator by registering a <Valve> that is an > Authenticator in your webapp's <Context>. Just write your own code and > register it using <Valve>. > > You can look at the documentation for, say, BasicAuthenticatorValve: > http://tomcat.apache.org/tomcat-6.0-doc/config/valve.html#Basic_Authenticator_Valve > > And you're going to want to extend AuthenticatorBase. > > Tomcat has a "CombinedRealm" which allows authentication against one > of several sub-realms (like LDAP /or/ JDBC), but does not have a > CombinedAuthenticator, which might be a useful addition. If you come > up with something that works, consider donating it to the project.
Jan, are you trying to achieve something like: http://wiki.apache.org/tomcat/SSLWithFORMFallback ? p > -chris > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > -- [key:62590808]
signature.asc
Description: OpenPGP digital signature
