On Thu, 14 Nov 2002, Bill Barker wrote:
> Date: Thu, 14 Nov 2002 22:08:36 -0800 > From: Bill Barker <[EMAIL PROTECTED]> > Reply-To: Tomcat Developers List <[EMAIL PROTECTED]> > To: Tomcat Developers List <[EMAIL PROTECTED]> > Subject: Authenticator Documentation > > Browsing the documentation for 4.1.x, I couldn't find any information on how > to configure an Authenticator. I know that is probably belongs on > tomcat-user :), Because you're so diligent about answering TOMCAT-USER questions, we'll forgive you this time :-) > and I know how it is done. What I'm looking for is the page > (if any) to update. During initialization of a new webapp, Catalina uses the value of the <login-method> (which should be BASIC, DIGEST, FORM, or CLIENT-CERT) to look up the name of the corresponding Authenticator (which is also a Valve) class in the resource file org/apache/catalina/startup/Authenticator.properties, instantiates an instance, and adds it to the set of Valves to be used for the webapp being initialized. The Authenticator instances themselves don't have any customizable properties -- they just implement the requirements of the servlet spec. Is there some specific customization that you would like to be able to configure? Are you instead interested in how to configure where Catalina looks for users, passwords, and roles? That's done by your selection of an appropriate Realm instance, which is configured by inserting a <Realm> element inside the <Context>. If there is none, a webapp inherits the Realm configured for the owning <Host> or <Engine> element -- in the default configuration, there is one and only one Realm, configured at the <Engine> level, and using the $CATALINA_HOME/conf/tomcat-users.xml file. The admin app can dynamically update this for you, if you want. Craig -- To unsubscribe, e-mail: <mailto:tomcat-dev-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:tomcat-dev-help@;jakarta.apache.org>