Re: extending org.apache.catalina.Authenticat
Ferindo,

> I'm trying to extend my basic JDBC Realm form authentication within my web app to, in addition to checking for userid and password, also check to make sure users' passwords aren't too old and force them to update their passwords.

I have done this with a filter that gets applied after the authentication step; my filter loads user information from the database (if necessary) and checks things like the status of the user. If the user has to update their password, I forward them to the password-changing page.

I recently switched to securityfilter in order to record failed logins, and was tempted to put all this logic into the authenticator, but decided against it: I like /this/ strategy for handling these features because they are decidedly outside of the purview of the authenticator. The authenticator's job is to authenticate the user (i.e. check username and password). The features you are talking about are closer to authorization than authentication.

Finally, you might consider running an external process to change users' states (i.e. to put them into a must change password state). We have a nightly cron job that runs a number of queries across all users and updates the 'status' of a user to a few states, including must change password. I think it might make your code a bit easier, because the logic for determining the status of a user is outside of somewhere like your authenticator.

Hope that helps.

-chris
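
An added example of the post-authentication filter approach described in the reply above; it is not code from the thread, from securityfilter or from Tomcat. The class name, page path, status value, session key, JNDI name and table/column names are all assumptions.

```java
import java.io.IOException;
import java.sql.*;
import javax.naming.InitialContext;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.sql.DataSource;

// Added example. Map it in web.xml to the protected URL patterns so it runs
// after the container's form login has populated getRemoteUser().
public class PasswordStatusFilter implements Filter {
    static final String CHANGE_PAGE = "/account/change-password"; // assumed path
    static final String MUST_CHANGE = "MUST_CHANGE_PASSWORD";     // assumed status value
    static final String STATUS_ATTR = "user.status";              // assumed session key

    public void init(FilterConfig cfg) {}
    public void destroy() {}

    // Pure decision: only authenticated users in the must-change state are
    // diverted, and never when they already request the change page (no loop).
    static boolean mustDivert(String user, String status, String path) {
        return user != null && MUST_CHANGE.equals(status) && !CHANGE_PAGE.equals(path);
    }

    public void doFilter(ServletRequest rq, ServletResponse rs, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) rq;
        String user = req.getRemoteUser(), status = null;
        if (user != null) {
            HttpSession session = req.getSession();
            status = (String) session.getAttribute(STATUS_ATTR);
            if (status == null) { // load from the database once per session
                try { status = loadStatus(user); }
                catch (Exception e) { throw new ServletException("status lookup failed", e); }
                session.setAttribute(STATUS_ATTR, status);
            }
        }
        String info = req.getPathInfo();
        String path = req.getServletPath() + (info == null ? "" : info);
        if (mustDivert(user, status, path)) {
            req.getRequestDispatcher(CHANGE_PAGE).forward(rq, rs);
            return;
        }
        chain.doFilter(rq, rs);
    }

    // Assumed schema users(userid, status) and assumed JNDI name jdbc/appdb.
    static String loadStatus(String user) throws Exception {
        DataSource ds = (DataSource) new InitialContext().lookup("java:comp/env/jdbc/appdb");
        try (Connection c = ds.getConnection(); PreparedStatement ps =
                 c.prepareStatement("SELECT status FROM users WHERE userid = ?")) {
            ps.setString(1, user);
            try (ResultSet r = ps.executeQuery()) { return r.next() ? r.getString(1) : "UNKNOWN"; }
        }
    }
}
```

The handler behind the change-password page has to remove the cached session attribute after a successful change, otherwise the user stays diverted until the session ends.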
RE: extending org.apache.catalina.Authenticat
Open WinZip (download it if you don't have it). Drag and drop the jar into it, you'll see the files. They don't seem to include much source code...just the compiled classes, so it appears. The authenticators.properties file does include the types of authentication, and which authenticator properties files they in turn point to.

-----Original Message-----
From: Ferindo Middleton [mailto:[EMAIL PROTECTED]
Sent: Tuesday, July 25, 2006 9:42 PM
To: users@tomcat.apache.org
Subject: extending org.apache.catalina.Authenticat

I'm trying to extend my basic JDBC Realm form authentication within my web app to, in addition to checking for userid and password, also check to make sure users' passwords aren't too old and force them to update their passwords.

How do I extend the org.apache.catalina.AuthenticatorBass class? I don't have any experience modifying the insides of Tomcat. I just build web apps that work on top of it. What is Authenticators.properties? Which one of the Tomcat jars has the org.apache.catalina.AuthenticatorBass class and how do I extract the .jar file?

I'm not a Java programmer. I only have the Java Runtime Environment installed... Will I need the Software Development Kit to do this? Which SDK should I get to do this?

Ferindo

--
justferindo
extending org.apache.catalina.Authenticat
I'm trying to extend my basic JDBC Realm form authentication within my web app to, in addition to checking for userid and password, also check to make sure users' passwords aren't too old and force them to update their passwords.

How do I extend the org.apache.catalina.AuthenticatorBass class? I don't have any experience modifying the insides of Tomcat. I just build web apps that work on top of it. What is Authenticators.properties? Which one of the Tomcat jars has the org.apache.catalina.AuthenticatorBass class and how do I extract the .jar file?

I'm not a Java programmer. I only have the Java Runtime Environment installed... Will I need the Software Development Kit to do this? Which SDK should I get to do this?

Ferindo

--
justferindo