hi,David,
My aim is that tomcat could authenticate users without promoting
any login form. I give out the userID and password in the servlet
code. when users navagate the servlet page, they would login to tomcat
as that userID identity.
Thanks a lot!
Zhu quanxin
2007/9/6, David Delbecq <[EMAIL PROTECTED]>:
> Hi,
>
> Am not sure to understand what you want to do. You want to login user
> without requiring it, ever, to authenticate? That seems to me quite
> paradoxal. Maybe you should explain a bit more what you try to achieve...
>
> 朱全鑫 a écrit :
> > Hi,
> >
> > I have already enabled the SSO function in server.xml. It could be
> > promoted the challenge once when I visit the first webapp and without
> > login to all the webapps in the host. But I do not want any login form
> > promoted to users. So my point is, how do I write code in a jsp or
> > servlet to auto login to the first webapp without the login-form
> > promoted to users.
> > For example, in websphere application server, the following code
> > could be auto login to the server, If we give the right username and
> > password pair.
> >
> > code begin
> > ------------------
> > LoginContext lc = null;
> >
> > try {
> > lc = new LoginContext("WSLogin",
> > new WSCallbackHandlerImpl("userName", "password"));
> > } catch (LoginException le) {
> > System.out.println("Cannot create LoginContext. " +
> > le.getMessage());
> > // Insert the error processing code
> > } catch(SecurityException se) {
> > System.out.println("Cannot create LoginContext." + se.getMessage());
> > // Insert the error processing code
> > }
> >
> > try {
> > lc.login();
> > } catch (LoginException le) {
> > System.out.println("Fails to create Subject. " + le.getMessage());
> > // Insert the error processing code
> > ----------------
> > code end
> >
> > I do not know if tomcat provide some APIs like the above, and we
> > could use the API to programmic login to the tomcat server. and where
> > to find the instruction to use the API?
> >
> >
> > Many Thanks!
> > Zhu quanxin
> >
> >
> >
> > 2007/9/5, David Delbecq <[EMAIL PROTECTED]>:
> >
> >> http://tomcat.apache.org/tomcat-5.5-doc/config/host.html
> >>
> >> See section about single-sign. This share credential between webapps.
> >>
> >> Note: it's not a "programamtic". It just let all your application share
> >> a same authentification token. Once you authenticate using J2EE
> >> compliant method in application X, it's not necessary to login into
> >> other application Y on same host that is also using J2EE compliant
> >> authentification mecanism.
> >>
> >> En l'instant précis du 05/09/07 16:51, 朱全鑫 s'exprimait en ces termes:
> >>
> >>> hi, everyone
> >>>
> >>> I meet a problem about programmic login. I setup a tomcat server,
> >>> and deploy two WAR files (applications) on it. One of the application
> >>> A is protected by server authentication, and the other application B
> >>> is not. I want to setup a scenario : when user navigates the
> >>> application B, he could programmic login to tomcat using username and
> >>> password that is coded in the application of B, and then he
> >>> navigates the application A in the same browser, he never needs to
> >>> response the challenge promoted by application A.
> >>>
> >>> I would very appreciate if someone could help me.
> >>>
> >>> Thanks
> >>>
> >>> Zhu Quanxin
> >>>
> >>> ---------------------------------------------------------------------
> >>> To start a new topic, e-mail: users@tomcat.apache.org
> >>> To unsubscribe, e-mail: [EMAIL PROTECTED]
> >>> For additional commands, e-mail: [EMAIL PROTECTED]
> >>>
> >>>
> >> --
> >> http://www.noooxml.org/
> >>
> >>
> >> ---------------------------------------------------------------------
> >> To start a new topic, e-mail: users@tomcat.apache.org
> >> To unsubscribe, e-mail: [EMAIL PROTECTED]
> >> For additional commands, e-mail: [EMAIL PROTECTED]
> >>
> >>
> >>
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
--
致
礼!
朱全鑫
