[jira] [Commented] (TOMEE-404) allow to give a realm which doesn't implements realm

[Enrico Olivelli (JIRA)]

Enrico Olivelli commented on TOMEE-404 allow to give a realm which doesn't implements realm Example for a CDI bean that can be used as a Realm (working with BASIC and FORM web auth): in META-INF/context.xml <Context ...> <Realm cdi="true" className="org.apache.tomee.catalina.realm.LazyRealm" realmClass="org.superbiz.AuthBean"/> </Context> package org.superbiz; @RequestScoped public class AuthBean { public Principal authenticate(final String username, String password) {         if (("userA".equals(username)||"userB".equals(username)) && "test".equals(password)) {             return new Principal() {                 @Override                 public String getName() {                     return username;                 }                 @Override                 public String toString() {                     return username;                 }             };         }         return null;     }               public boolean hasRole(Principal principal, String role) {           if (principal == null) {               return false;           }           if(principal.getName().equals("userA") && (role.equals("admin")||role.equals("user"))) {               return true;           }           if(principal.getName().equals("userB") && (role.equals("user"))) {               return true;           }           return false;     } }

This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira