Hi again Craig,
So I've followed the "cookbook" way to do my custom Authenticator and
it does not seem to work, even if I use the exact code from for example
FormAuthenticator.java. I'm testing it by changing a working web.xml
file for the protected example
(/examples/jsp/security/protected/index.jsp) by
specifying my own custom Authenticator like:
<auth-method>CUSTAUTH</auth-method>
which is defined in my
<tomcat_home>\server\classes\org\apache\catalina\startup\Authenticators.properties
file like:
CUSTAUTH=org.mycompany.authenticator.MyFormAuthenticator
So, when I try to access the protected example jsp page, I get this error:
"HTTP Status 500 - Configuration error: Cannot perform access control
without an authenticated principal"
If I change the web.xml back to use "FORM" or "BASIC" then it would work.
Would you have any ideas Craig?
Thanks again,
Dan
On Wed, 9 Jan 2002, Craig R. McClanahan wrote:
> On Wed, 9 Jan 2002, Dan Kha wrote:
>
> > Date: Wed, 9 Jan 2002 15:54:52 -0500 (EST)
> > From: Dan Kha <[EMAIL PROTECTED]>
> > Reply-To: Tomcat Users List <[EMAIL PROTECTED]>
> > To: [EMAIL PROTECTED]
> > Subject: TC4.01: custom Authenticator
> >
> >
> > Hi,
> >
> > I'm interested in writing my own Authenticator implementation. My
> > question is, after writing my own implementation, how do I tell Tomcat
> > 4.01 to use my own custom Authenticator (and if possible without changing
> > Tomcat's source)?
> >
>
> The following cookbook steps should get you started:
>
> * Create your own Authenticator implementation. Usually it's
> easiest to extend org.apache.catalina.authenticator.AuthenticatorBase
> for this, but at a minimum you have to implement Valve.
>
> * Package your Authenticator class in a JAR file and put it in
> $CATALINA_HOME/server/lib, *or* leave it in an unpacked directory
> structure under $CATALINA_HOME/server/classes (which you might
> have to create). As you'll see in the next step, the latter is
> probably easier.
>
> * Extract the file "org/apache/catalina/startup/Authenticators.properties"
> file from $CATALINA_HOME/server/lib/catalina.jar, into the server/classes
> directory
>
>($CATALINA_HOME/server/classes/org/apache/catalina.startup/Authenticators.properties)
>
> * Edit this file to include an entry for a new login method. For example:
> FOO=com.mycompany.mypackage.MyAuthenticator
>
> * Modify the web.xml file of apps that want to use this Authenticator
> to indicate the use of the new authentication method:
> <login-config>
> <auth-method>FOO</auth-method>
> ...
> </login-config>
> Note that you cannot change any of the elements in web.xml because
> they are fixed by the DTD.
>
> > I know that to use the standard authenticators, I add the appropriate
> > lines in the web.xml file but I haven't found a way to change that to
> > support my own.
> >
>
> It should go without saying that you're tying yourself now and forever
> more to the Tomcat 4 architecture, but the above should work.
>
> > Does anyone have any ideas?
> >
> > Thanks in advance,
> > Dan
> >
>
>
> > NOTE to anyone thinking of extending FormAuthenticator or
> > BasicAuthenticator, you need to get the cvs source since the Tomcat 4.01
> > distribution declared those classes as "final".
> >
>
> The "final" has been removed from these classes in the HEAD branch (which
> is what the nightly builds are created from).
>
> Craig
>
>
> --
> To unsubscribe: <mailto:[EMAIL PROTECTED]>
> For additional commands: <mailto:[EMAIL PROTECTED]>
> Troubles with the list: <mailto:[EMAIL PROTECTED]>
>
--
To unsubscribe: <mailto:[EMAIL PROTECTED]>
For additional commands: <mailto:[EMAIL PROTECTED]>
Troubles with the list: <mailto:[EMAIL PROTECTED]>
