I believe (I'm not looking at my copy of the spec right now) that
the method of authentication is up to the servlet engine. My main reason
for saying this is that its in the server.xml file, and almost everything in
this file is Tomcat-specific. If it was in the web.xml file, then I would
believe that it was part of the standard.
Randy
-----Original Message-----
From: Geoff [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 01, 2001 11:08 AM
To: [EMAIL PROTECTED]
Subject: Re: Custom authentication mechanism in Tomcat?
From: "Randy Layman" <[EMAIL PROTECTED]>
>
> Well, the source for Tomcat is open and available, and there is
> already a class that authenticates against a database
> (org.apache.tomcat.request.JDBCRealm) that seems like it would probably be
a
> good basis for whatever you are trying to do that it doesn't.
Thanks for that - I'll investigate that now. Is there any 'standard' way of
hooking in to the authentication mechanism? The JDBCRealm approach looks
good but also looks to be Tomcat-specific. Or is the standard 'hands-off'
in this area?
Thanks,
Geoff
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
