Custom Authentication

[Ricardo Ramalho]

Hi all! ;)

I have to migrate a Web Application from Allaire JRun to Tomcat 4.0.1.

I have a custom Authentication created by us. How can i use it under TomCat
4.0.1? Information is very non-existant or I'm just to dumb to find it!
:))

Another question: Do i have a "InitialContext" ? If i have so... where is
it? If it doesn't exist, it's no problemat all. I'll simply use the usual
method to access the MySQL database without aquiring the DataSources from
InitialContext (wich maybe it's something from J2EE).

Sorry for my poor English.

Thanks for any help you can give me! :)

Ricardo Ramalho
Carcavelos Lisbon Portugal
E-Works
http://www.eworks.pt



--
To unsubscribe:   <mailto:[EMAIL PROTECTED]>
For additional commands: <mailto:[EMAIL PROTECTED]>
Troubles with the list: <mailto:[EMAIL PROTECTED]>

Custom Authentication

[Ricardo Ramalho]

Hi ppl! Again

It looks like i wasn't very accurate in my first question here...
What i wanted to do is something like this: (hope you guys can help) This is
my actual Athentication class, with uses BASIC login.


import java.lang.*;
import java.sql.*;
import javax.sql.*;
import javax.naming.*;
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
import java.util.*;
import java.security.*;
import allaire.jrun.util.*;
import allaire.jrun.security.*;

public class Autentica implements AuthenticationInterface
{
/**
 * Initialize the authentication service
 * @param props The properties for the service
 */
public void init(OrderedProperties props) throws Exception
{
//Não se faz nada aki
}

/**
 * Destroy the service
 */
public void destroy()
{
//Não se faz nada aki
}

/**
 * Authenticate the given user with the given credentials (such
 * as a password).
 * @param req The servlet request
 * @param username The username to authenticate
 * @param method The type of authentication method (BASIC, DIGEST, FORM,
 * or CLIENT-CERT)
 * @param credentials Password and/or other credentials necessary
 * in authenticating the user
 * @return The Principal associated with the given username, or null
 * if authentication failed
 */
public Principal authenticate(HttpServletRequest req, String username,
String password) {
Principal principal = null;
  //tipos para a ligação à base de dados
  Connection dbCon = null;
  Statement dbStat = null;
  String sqlStat = null;
  ResultSet dbRes = null;

// If we have a password, attempt to validate it
if (password != null) {
try {
String dbPass = null;
//Acesso à base de dados - apanhar uma
conecção da pool de conexoes do JRun
   InitialContext ctx = new InitialContext();
   DataSource ds =
(DataSource)ctx.lookup("java:comp/env/jdbc/test_db");
   dbCon = ds.getConnection();
   dbStat = dbCon.createStatement();
sqlStat = "SELECT passwd FROM users WHERE
user='" + username + "'";
dbRes = dbStat.executeQuery(sqlStat);
dbRes.next();
dbPass = dbRes.getString(1);
if (dbPass.equals(password)) {
principal = new
AuthenticatedPrincipal(username);
}
} catch (Exception e) {
e.printStackTrace();
}
}
return principal;
}

/**
 * Determines if the given principal (user) has been granted the
 * given role within this authentication realm.
 * @param principal The principal (user) to verify
 * @param role The role to verify
 * @return true if the principal is part of the given role
 */
public boolean isPrincipalInRole(Principal principal, String role)
{
return true;
}
}


Thank you for any help in advance

---------
Ricardo Ramalho
Carcavelos Lisbon Portugal
EWorks Consulting
-



--
To unsubscribe:   <mailto:[EMAIL PROTECTED]>
For additional commands: <mailto:[EMAIL PROTECTED]>
Troubles with the list: <mailto:[EMAIL PROTECTED]>