Hi, I'm developing servlet using servlet API 2.3 on Tomact application server, now my task is to implement path based authentication (pba) with the following Tomcat configuration:
auth-method= BASIC Realm className="org.apache.catalina.realm.MemoryRealm" But behavior I need is: 1. If Tomcat gets request with no user information data (username/password) it should pass it to servlet and then servlet after handling request's URI according to pba config file may send SC_UNAUTHORIZED (if it needs authenticated user) or SC_FORBIDDEN (if any access denied). 2. If Tomcat gets request with username and password it should check them according to conf/tomcat-users.xml and if user authenticated pass it to servlet. After some research I found that there is no way to pass request to servlet at 1clause using configuration I've pointed. So what should I do to get behaviour I need. All thoughts, advice and everything is welcome. Thanks! S. Vadishev.
