Realm Username & Password from TagSupport
I would like to use a users username/password to login to a database as that user, after they authenticate HOPEFULLY using BASIC authentication. Is there anyway to do this? Justin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Realm Username & Password from TagSupport
Are you saying that you want to build a custom tag to do this. In any case here is the connection logic http://www.kickjava.com/1541.htm - Original Message - From: "Hart, Justin" <[EMAIL PROTECTED]> To: "Tomcat Users List (E-mail)" <[EMAIL PROTECTED]> Sent: Friday, November 21, 2003 12:27 PM Subject: Realm Username & Password from TagSupport I would like to use a users username/password to login to a database as that user, after they authenticate HOPEFULLY using BASIC authentication. Is there anyway to do this? Justin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Realm Username & Password from TagSupport
I would like to authenticate my users with my database without prompting them a second time for a username and password. I have considered creating a subclass of JNDIRealm in order to do this, but I am resisting the urge to do this, figuring that there must be an easier way to implement mulit-tiered security with Tomcat. Unfortunately, somewhere, I need to be able to access the user's password in order to do this. So, what I'm wondering is if there is either a listener that I could implement, from which I could listen to users authenticating and use their username/password combos to login to my database, and then just associate this with their session ID, or if perhaps the user's password is accessible in some way, shape, or form from TagSupport. Justin -Original Message- From: Bryan LaPlante [mailto:[EMAIL PROTECTED] Sent: Friday, November 21, 2003 2:20 PM To: Tomcat Users List Subject: Re: Realm Username & Password from TagSupport Are you saying that you want to build a custom tag to do this. In any case here is the connection logic http://www.kickjava.com/1541.htm - Original Message - From: "Hart, Justin" <[EMAIL PROTECTED]> To: "Tomcat Users List (E-mail)" <[EMAIL PROTECTED]> Sent: Friday, November 21, 2003 12:27 PM Subject: Realm Username & Password from TagSupport I would like to use a users username/password to login to a database as that user, after they authenticate HOPEFULLY using BASIC authentication. Is there anyway to do this? Justin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Realm Username & Password from TagSupport
When your form is submitted, if you are looking up the user from the context you can keep that info in a session var. Be careful not to use cookie sessions for that since you don't want to send the passwd back to the client unless using SSL. TagSupport only offers a way to read in the body of your tag and encapsulate code used by the page author. I am assuming your are talking about 2 access points in the same application context. - Original Message - From: "Hart, Justin" <[EMAIL PROTECTED]> To: "Tomcat Users List" <[EMAIL PROTECTED]> Sent: Friday, November 21, 2003 1:24 PM Subject: RE: Realm Username & Password from TagSupport I would like to authenticate my users with my database without prompting them a second time for a username and password. I have considered creating a subclass of JNDIRealm in order to do this, but I am resisting the urge to do this, figuring that there must be an easier way to implement mulit-tiered security with Tomcat. Unfortunately, somewhere, I need to be able to access the user's password in order to do this. So, what I'm wondering is if there is either a listener that I could implement, from which I could listen to users authenticating and use their username/password combos to login to my database, and then just associate this with their session ID, or if perhaps the user's password is accessible in some way, shape, or form from TagSupport. Justin -Original Message- From: Bryan LaPlante [mailto:[EMAIL PROTECTED] Sent: Friday, November 21, 2003 2:20 PM To: Tomcat Users List Subject: Re: Realm Username & Password from TagSupport Are you saying that you want to build a custom tag to do this. In any case here is the connection logic http://www.kickjava.com/1541.htm - Original Message - From: "Hart, Justin" <[EMAIL PROTECTED]> To: "Tomcat Users List (E-mail)" <[EMAIL PROTECTED]> Sent: Friday, November 21, 2003 12:27 PM Subject: Realm Username & Password from TagSupport I would like to use a users username/password to login to a database as that user, after they authenticate HOPEFULLY using BASIC authentication. Is there anyway to do this? Justin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Realm Username & Password from TagSupport
Well, I want to authenticate them to my database, when they get authenticated for application (IE, login to MS SQL Server when they log into my site). I'm using BASIC authentication at the moment, but considering moving to form (since obviously the variable would get set in the form). I am, however, quite interested in continuing to use BASIC authentication, if at all possible, and still achieve this. I know I can do this by creating a subclass of JNDIRealm, and authenticating to my database from there, but it strikes me as a much better solution to have a listener that listens for signons, and then allow web apps to register for a sign-on type event. I figured that there must be some way to get to this information, as their seem to be several third party products that provide the programmer with at least similar functionality. Justin -Original Message- From: Bryan LaPlante [mailto:[EMAIL PROTECTED] Sent: Friday, November 21, 2003 2:47 PM To: Tomcat Users List Subject: Re: Realm Username & Password from TagSupport When your form is submitted, if you are looking up the user from the context you can keep that info in a session var. Be careful not to use cookie sessions for that since you don't want to send the passwd back to the client unless using SSL. TagSupport only offers a way to read in the body of your tag and encapsulate code used by the page author. I am assuming your are talking about 2 access points in the same application context. - Original Message - From: "Hart, Justin" <[EMAIL PROTECTED]> To: "Tomcat Users List" <[EMAIL PROTECTED]> Sent: Friday, November 21, 2003 1:24 PM Subject: RE: Realm Username & Password from TagSupport I would like to authenticate my users with my database without prompting them a second time for a username and password. I have considered creating a subclass of JNDIRealm in order to do this, but I am resisting the urge to do this, figuring that there must be an easier way to implement mulit-tiered security with Tomcat. Unfortunately, somewhere, I need to be able to access the user's password in order to do this. So, what I'm wondering is if there is either a listener that I could implement, from which I could listen to users authenticating and use their username/password combos to login to my database, and then just associate this with their session ID, or if perhaps the user's password is accessible in some way, shape, or form from TagSupport. Justin -Original Message- From: Bryan LaPlante [mailto:[EMAIL PROTECTED] Sent: Friday, November 21, 2003 2:20 PM To: Tomcat Users List Subject: Re: Realm Username & Password from TagSupport Are you saying that you want to build a custom tag to do this. In any case here is the connection logic http://www.kickjava.com/1541.htm - Original Message - From: "Hart, Justin" <[EMAIL PROTECTED]> To: "Tomcat Users List (E-mail)" <[EMAIL PROTECTED]> Sent: Friday, November 21, 2003 12:27 PM Subject: Realm Username & Password from TagSupport I would like to use a users username/password to login to a database as that user, after they authenticate HOPEFULLY using BASIC authentication. Is there anyway to do this? Justin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
My Solution to "Intercepting Login Information" & "Realm Username & Password from TagSupport"
I think that what we BOTH need to do in this case is create a subclass of whatever realm we are using, and using this subclass provide our specific functionality, in my case authenticating to a database, in yours logging. Justin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: My Solution to "Intercepting Login Information" & "Realm Username & Password from TagSupport"
On 11/21/2003 09:11 PM Hart, Justin wrote: I think that what we BOTH need to do in this case is create a subclass of whatever realm we are using, and using this subclass provide our specific functionality, in my case authenticating to a database, in yours logging. I just tried searching the archives to find the thread but it's so slow I am getting frustrated - basically I'm not a guru if you weigh my questions against my answers on this list, but I did answer that question to say "you cannot intercept login info when using CMS but you can get, after the event, the login name from request.getRemoteUser()". Adam -- struts 1.1 + tomcat 5.0.12 + java 1.4.2 Linux 2.4.20 RH9 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: My Solution to "Intercepting Login Information" & "Realm Username & Password from TagSupport"
You and Gary related? Yeah, I use getRemoteUser() elsewhere, but have already started my multi-tiered authentication implementation by subclassing JNDIRealm, seems to work well enough :-) Justin Justin -Original Message- From: Adam Hardy [mailto:[EMAIL PROTECTED] Sent: Friday, November 21, 2003 3:54 PM To: Tomcat Users List Subject: Re: My Solution to "Intercepting Login Information" & "Realm Username & Password from TagSupport" On 11/21/2003 09:11 PM Hart, Justin wrote: > I think that what we BOTH need to do in this case is create a subclass of whatever > realm we are using, and using this subclass provide our specific functionality, in > my case authenticating to a database, in yours logging. I just tried searching the archives to find the thread but it's so slow I am getting frustrated - basically I'm not a guru if you weigh my questions against my answers on this list, but I did answer that question to say "you cannot intercept login info when using CMS but you can get, after the event, the login name from request.getRemoteUser()". Adam -- struts 1.1 + tomcat 5.0.12 + java 1.4.2 Linux 2.4.20 RH9 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: My Solution to "Intercepting Login Information" & "Realm Username & Password from TagSupport"
On 11/21/2003 09:57 PM Hart, Justin wrote: -Original Message- On 11/21/2003 09:11 PM Hart, Justin wrote: I think that what we BOTH need to do in this case is create a subclass of whatever realm we are using, and using this subclass provide our specific functionality, in my case authenticating to a database, in yours logging. You and Gary related? Doubt it - I'm a Brit and Gary seems to be American. We might not be Smiths, but Hardys are not that rare. Yeah, I use getRemoteUser() elsewhere, but have already started my multi-tiered authentication implementation by subclassing JNDIRealm, seems to work well enough :-) Guess I completely misunderstood what you are talking about. Thought you were using CMS. Adam -- struts 1.1 + tomcat 5.0.12 + java 1.4.2 Linux 2.4.20 RH9 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]