Hello,
Could someone please point me to what code i should look at to study how credentials are extracted from the HTTP and HTTPS requests ?
Thank you
You need the tomcat source to look at the connector code.
http://tomcat.apache.org/download-55.cgi
Additional security integration is in the tomcat module of the jboss server source tree.