I took a look at JAASRealm and its authenticate method only takes two parameters (username and "credentials", which is really just a single password string).
Is it possible to pass my other credentials to the JAASRealm so that I can pass everything at one time (username, password, other credentials) to the stored procedure, rather than - if I've interepreted this correctly - authenticating once through the JAAS username/password, then again through my stored procedure to "cancel out" the previous authentication. I'm surprised that my authentication use case (while not common, it's also not out to lunch) requires such disgusting workarounds... Gregor Schneider wrote: > > Well, subclassing FormAuthenticator would be a hack, a > Tomcat-only-solution and inho a bad one. > > therefore, take a look at JAASRealm and try to combine it with your > existing login-procedure, meaning > > - Implement a JAASRealm > - get the credentials from there (user, password) > - do the JAAS-Authentication via Tomcat > - if ok, call your stored procedure > - if that returns ok, fine, otherwise invalidate the Session and react > accordingly > > That's just a rough schema, but it's a start to give you one or two > thoughts. > > BTW.m JAAS is not Tomcat-specific since JAAS is a Java-API which all > servlet-containers implement (at least all the important ones, afaik): > > http://en.wikipedia.org/wiki/Java_Authentication_and_Authorization_Service > > hth > > gregor > -- > what's puzzlin' you, is the nature of my game > gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2 > gpgp-key available @ http://pgpkeys.pca.dfn.de:11371 > > --------------------------------------------------------------------- > To start a new topic, e-mail: users@tomcat.apache.org > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > -- View this message in context: http://www.nabble.com/Single-sign-on-without-form-based-authentication-tf3805975.html#a10789440 Sent from the Tomcat - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]