Hi,
I'm developing servlet using servlet API 2.3 on Tomact application server,
now my task is to implement path based authentication (pba) with the
following Tomcat configuration:
auth-method= BASIC
Realm className="org.apache.catalina.realm.MemoryRealm"
But behavior I need is:
1. If Tomcat gets
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Semen,
Semen Vadishev wrote:
> But behavior I need is: 1. If Tomcat gets request with no user
> information data (username/password) it should pass it to servlet and
> then servlet after handling request's URI according to pba config
> file may send S
Christopher, thanks for reply.
2007/10/9, Christopher Schultz <[EMAIL PROTECTED]>:
>
> You cannot do this with Tomcat's authentication mechanism. You will have
> to provide an alternative implementation. I recommend looking st
> securityfilter ( http://securityfilter.sourceforge.net ).
Well, s
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Semen,
Semen Vadishev wrote:
> Christopher, thanks for reply.
>
> 2007/10/9, Christopher Schultz <[EMAIL PROTECTED]>:
>
>> You cannot do this with Tomcat's authentication mechanism. You will
>> have to provide an alternative implementation. I recomm
Christopher,
2007/10/9, Christopher Schultz <[EMAIL PROTECTED]>:
>
> >> You cannot do this with Tomcat's authentication mechanism. You will
> >> have to provide an alternative implementation. I recommend looking
> >> st securityfilter ( http://securityfilter.sourceforge.net ).
> >
> > Well, secur
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Semen,
Semen Vadishev wrote:
> Christopher,
>
> 2007/10/9, Christopher Schultz <[EMAIL PROTECTED]>:
You cannot do this with Tomcat's authentication mechanism. You will
have to provide an alternative implementation. I recommend looking
Christopher, thank you for your great help,
2007/10/10, Christopher Schultz <[EMAIL PROTECTED]>:
> >> ...why you want your own servlets to do the authorization instead
> >> of the container (or securityfilter)?
> >
> > This is the main question. Today we decided to do nothing new with
> > authent
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Semen,
Semen Vadishev wrote:
> Well, have you ever configured path based authentication for Subversion
> Server?
Oh, you're using WebDAV. :(
> So if there is no element in
> web.xml, Tomcat doesn't provide authorization, right?
Correct. It will no
Sent: Tuesday, October 09, 2007 5:08 PM
To: Tomcat Users List
Subject: Re: Anonymous access with Tomcat Authentication configured.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Semen,
Semen Vadishev wrote:
> Well, have you ever configured path based authentication for Subversion
> Server?
Oh, y
Christopher,
2007/10/10, Christopher Schultz <[EMAIL PROTECTED]>:
> Tomcat's built-in A&A requires that an unauthenticated user request a
> protected resource (protected by a ). When this
> happens, Tomcat intercepts the request internally and issues the
> appropriate login request (HTTP AUTH, FO
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Barry,
Propes, Barry L wrote:
> is the bottom line that he (Semen's) wanting certain areas protected
> by a role, and other areas protected/accessible only by another role?
Sounds like he wants user-level authorization, which Tomcat just doesn't
do.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Semen,
Semen Vadishev wrote:
> So implementing internal server component (probably valve) is the only
> solution, right?
No. Since you only have one servlet, you can even implement directly in
that one servlet. Your other option is to use a Filter, w
12 matches
Mail list logo
