Hello everybody, If this is not the appropriate mailing list, please tell me which mailing list I should use.
I have writte a first jaas login module and it does authenticate users by logging into an imap server. If the credentials establish a connection and the inbox can be opened, the login is considered successful. This works so far. But now I do not see how to connect the authentication module to a security constraint. I mean, do I have to add every user that has an imap account to web.xml? Not really!? (You will find my web.xml and context.xml at the end of this message) Best Regards, Oliver Block <?xml version="1.0" encoding="UTF-8"?> <Context antiJARLocking="true" path="/JavaMailLoginServlet"> <Realm className="org.apache.catalina.realm.JAASRealm" appName="WebLogin" userClassNames="com.oliverblock.principal.JavaMailPrincipal" roleClassNames="" debug="99" /> <Resource name="mail/Session" auth="Container" type="javax.mail.Session" mail.smtp.host="localhost" mail.imap.host="localhost" factory="org.apache.naming.factory.MailSessionFactory" /> </Context> <?xml version="1.0" encoding="UTF-8"?> <web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"> <session-config> <session-timeout> 30 </session-timeout> </session-config> <welcome-file-list> <welcome-file>index.jsp</welcome-file> </welcome-file-list> <security-constraint> <display-name>UserConstraint</display-name> <web-resource-collection> <web-resource-name>User</web-resource-name> <description/> <url-pattern>/</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> <http-method>HEAD</http-method> <http-method>PUT</http-method> <http-method>OPTIONS</http-method> <http-method>TRACE</http-method> <http-method>DELETE</http-method> </web-resource-collection> <auth-constraint> <description/> <role-name>User</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>FORM</auth-method> <realm-name/> <form-login-config> <form-login-page>/login.html</form-login-page> <form-error-page>/loginError.html</form-error-page> </form-login-config> </login-config> <security-role> <description/> <role-name>User</role-name> </security-role> </web-app> --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org