A Valve is similar to a Filter, except that it is specific to Tomcat. The
reason to use a Valve here (instead of a Filter) is that Authentication
happens before any of the Filters get a chance to be called. However Valves
get called before Authentication, so you still have a chance to change
things. So leaving out the hard parts, you would have something like:
public class MySingleSignonValve implements Valve {
public MySingleSignonValve() {
}
public String getInfo() {
return "MySingleSignonValve/1.0";
}
public void invoke(Request request, Response response, ValveContext
context)
throws IOException, ServletException {
String userName = getUserName(request); // Your implementation
if( userName != null ) {
String userPass = getUserPass(request, userName); // Your
implementation
String creds = userName + ":" + userPass;
String b64Creds = new String(Base64.encode(creds.getBytes()));
request.setAuthorization(b64Creds);
// Probably redundant, but can't hurt
request.addHeader("Authorization","Basic " + b64Creds);
}
context.invokeNext(request, response);
}
// Your methods here
}
The tricky part is to figure out if the user has logged on before (which is
left as an exercise for the reader :). Tomcat's SingleSignOnValve is a good
place to look for ideas. Also, for a real-world Valve, you would probably
want to extend ValveBase instead of implementing Valve (although the latter
will work). The gain is LifeCycle support.
"Dinh, Chinh" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Thanks, Bill .
> In BasicAuthenticator.java , the authenticate() method gets the username
and password by calling :
>
> String authorization = request.getAuthorization();
>
> which gets the value from the "authorization" request header, which is
the value to be base 64 encoded of username and password. My goal is to set
this request with the correct "authorization" header so that I can bypass
the "Login dialog" if the username and password are already got before the
request (before the user enters http://......../webdav to run the webdav
servlet). I have no clue how to do this ... What's the purpose of a VALVE
class ? Thanks.
>
>
> Bill Barker <[EMAIL PROTECTED]> wrote:
> The simplest solution is to enable the SingleSignOnValve. This allows any
> login to any Context to be passes to any other Context. If this doesn't
> meet your needs, then you can:
> 1) Write a custom Valve to pickup the User.
> 2) Write a custom Authenticator that knows how to pickup the User.
>
> "Dinh, Chinh" wrote in message
> news:[EMAIL PROTECTED]
> >
> > I have a question about WEBDAV and How authenticate works.
> >
> > If i have this in web.xml
> >
> >
> > BASIC
> > MyCustomRealm
> >
> >
> > It will get an Popup Log in dialog, and it will invoke my realm's
> > authenticate() method, with username and password being entered by
> > the user.
> >
> > However, I do not want the log in dialog to pop up in all cases.
> > There's a case that the user is already authenticated BEFORE he tries
> > to run the webdav servlet, and in this case, he wants to bypass the
> > log in dialog.
> >
> > Do you know How to pass in the Authenticator class some information
> > so that it doesn't need to invoke the login dialog if the user is
already
> > authenticated ? What information would the authenticator need ?
> >
> > Thanks.
> > - Chinh
> >
> >
> >
> > ---------------------------------
> > Do you Yahoo!?
> > SBC Yahoo! DSL - Now only $29.95 per month!
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
> ---------------------------------
> Do you Yahoo!?
> SBC Yahoo! DSL - Now only $29.95 per month!
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
