Gregor Schneider wrote:
To the OP:
1. May I ask what database it is you're using?
Postgres - but a more general solution would be nice.
2- I'd go for the following solution:
Create a JSP-page accepting the credentials. The username should be
converted to uppercase. The password should be left as is so that
case-sensivity here is maintained.
That doesn't actually fit in with the Servlet CMS. I can easily decode
the user name and password by your mechanism. However, then I have to
rather extensively modify my code (covering 3 applications and 4 web
services) to apply the credentials. What I was looking for was a way of
extending what I already have.
Don't know if I'm missing something, but to me that looks like a walk
in the park.
See above. The problem is not decoding the password, but making sure
that the container managed security mechanism is maintained.
So far, the best suggestions that I've had are:
1. Modify DataSourceRealm
2. Use secuirityfilter.
From my point of view, as I don't use hashed passwords at the moment
the easiest thing to do is to modify the DataSourceRealm as suggested by
Mark Thomas. However, I think that the ability to extend the login
system to use either a user name or an email address would probably be
useful for other people. I'll give it some thought.
Regards
Alan
Rgds
Gregor
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
