I on Tomcat 5.0.28 on Redhat Linux AS4.
I have some doubts on creating (programming) a custom realm, and I could not
find my answers after a google search.
Goal: I have a web-app which I have protected with an external
authentication engine. To achieve this, I have written a custom valve which
sets a principal. Code snippet in "invoke":
// The username of the external system is same as username of tomcat.
String user = GetIdentity(); // This returns the user. Works OK.
GenericPrincipal principal = new
GenericPrincipal(request.getContext().getRealm(), user,user);
((HttpRequest)request).setUserPrincipal(principal);
Here, I do not get the roles of the user, so the principal object is been
set without roles, and so, the authorization to the webapp is being denied
(although authentication is passed).
I thought of writing a custom Realm to get the Principal and the associated
roles from tomcat, but I have difficulty/doubt in the custom realm. Code
snippet of my trial is below, but if anyone can provide a better solution
that would also be good.
I tried to extend RealmBase and implement Realm class and override the
getPrincipal, getPassword and getUser methods. I do not wish to do any
authentication here, because the authentication is already done by the
external system.
Over here, I do not have any clue on how to get the principal from the
request. I tried to search, but no help.
public class CustomRealm extends RealmBase implements Realm {
protected java.security.Principal getPrincipal(String userName) {
GenericPrincipal principal....
}
}
Any hints would be welcome.
DISCLAIMER
==========
This e-mail may contain privileged and confidential information which is the
property of Persistent Systems Ltd. It is intended only for the use of the
individual or entity to which it is addressed. If you are not the intended
recipient, you are not authorized to read, retain, copy, print, distribute or
use this message. If you have received this communication in error, please
notify the sender and delete all copies of this message. Persistent Systems
Ltd. does not accept any liability for virus infected mails.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
