-
1. Re: problem creating a new tomcat authentication method
antoniofer Sep 13, 2007 7:38 AM (in response to antoniofer)Ok, I have made some findings about this which may cast some light:
I think Tomcat can't load correctly the web.xml configuration file when I use my custom authenticator method. I use this lines in web.xml to specify which authenticator module should be used:
<login-config>
<auth-method>CUSTOM</auth-method>
<realm-name>Custom Realm</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
I suspect Tomcat does not know that it must take into account "form-login-config" fields. My custom authenticator is just FormAuthenticator modified, so Tomcat should be configured in the same way. What do you think about this? How can I tell Tomcat to read the form-login-config fields?
Thanks,
Antonio -
2. Re: problem creating a new tomcat authentication method
antoniofer Sep 14, 2007 5:58 AM (in response to antoniofer)Well, my own reply is wrong, as I can see if I put some logging traces... My CustomAuthenticator knows that login page is /login.jsp and error one is /error.jsp. So I'm back to my first post ... I have seen similar errors:
http://mail-archives.apache.org/mod_mbox/tomcat-users/200201.mbox/%3CPine.SOL.4.30.0201101812390.15830-100000@sunrise.ccs.yorku.ca%3Ecat-users/200201.mbox/%3CPine.SOL.4.30.0201101812390.15830-100000@sunrise.ccs.yorku.ca%3E
They are using a previous version of tomcat, I'm testing with JBoss 3.2.4 which ships with Tomcat 5.0.26.
Any suggestions? :)
Antonio -
3. Re: problem creating a new tomcat authentication method
amit.bhayani Sep 27, 2007 12:46 PM (in response to antoniofer)Not sure what you are trying to do here but if writing a Custom Login Module is what you are looking for then in JBoss you need to add that to JBossAS/server/all/conf/login-config.xml
Look at wiki http://wiki.jboss.org/wiki/Wiki.jsp?page=LoginModule -
4. Re: problem creating a new tomcat authentication method
antoniofer Sep 28, 2007 7:33 AM (in response to antoniofer)I think we're talking about different topics. Let me explain a bit more...
A LoginModule seems to manage user identity and credentials once collected, but doesn't allow to control how you collect them. This is what we want to control and so we need to create a new Tomcat Authenticator (You know there are different authentication methods available in JBoss: BASIC, FORM, CLIENT-CERT, DIGEST). We are following the next procedure:
- Create a class extending AuthenticatorBase
- Register it in Authenticator.properties
- Modify web.xml of the web application adding the line (amongst others, of course):
<auth-method>CUSTOM</auth-method>
At this point is where we get the error described previously. Do you know what can be causing it?
Thanks in advance,
Antonio