just downloaded security filter and had a look, it looks very cool. If I
had more robust requirements for my authentication (and more time!) I
would probably use it.
At the moment though I've got a workable work-around in using the
toString() method, so I'll just use that instead.
thanks Chris!
Christopher Schultz wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Matthew,
Why not just use the built-in authentication and authorization mechanism
instead of trying to use Tomcat's built-in classes to roll your own?
A more flexible option is to use securityfilter
(http://securityfilter.sourceforge.net) to handle everything.
securityfilter allows you to use Tomcat realms by dropping catalina.jar
into your webapp's library directory. Since securityfilter runs entirely
in your webapp, there are no classloading problems (even though Tomcat's
internal classes are used, they are loaded by the webapp's ClassLoader,
and are insulated from Tomcat, so they're safe).
- -chris
--
Matthew Kerle
IT Consultant
Canberra, Australia
Mobile: +61404 096 863
Email : [EMAIL PROTECTED]
Web : http://threebrightlights.blogspot.com/
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
