-
1. Re: Login Filter
danny_hon Jul 15, 2005 10:56 AM (in response to julien1)Thanks a lot for the information. I will certainly take a look of Tomcat valve.
Just out of curiosity, do you have any ideas why the doFilter() is never called in my experimental case? I may need to use filter someday, not necessary for SSO. -
2. Re: Login Filter
julien1 Jul 15, 2005 11:03 AM (in response to julien1)where did you apply the filter ?
-
3. Re: Login Filter
danny_hon Jul 15, 2005 5:53 PM (in response to julien1)I created a war file structure for my portal, and applied the filter in the web.xml.
Basically, the structure is like this:
myportal.war/WEB-INF/myportal-portal.xml
myportal.war/WEB-INF/jboss-app.xml
myportal.war/WEB-INF/jboss-web.xml
myportal.war/WEB-INF/web.xml
myportal.war/WEB-INF/classes/com/xxx/LoginFilter.class -
4. Re: Login Filter
danny_hon Jul 18, 2005 11:30 AM (in response to julien1)I tried a simple Tomcat Valve, but I came to a dead end. I cannot make the authentication to work in the valve. I tried to the the existing realm to authenticate, but the realm available is BaseRealm, which does not do any authentication. I tried to create my own principal, but portal won't accept it.
Here is the sample Tomcat Valve I used. I appreciate if somebody can give me a direction.
================================================
package com.ge.health.security.ssovalve;
import java.security.Principal;
import java.util.ArrayList;
import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.ServletException;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
import org.apache.catalina.Valve;
import org.apache.catalina.valves.ValveBase;
public class SSOValve extends ValveBase {
public String getInfo() {
return "SSOValve";
}
public void invoke(Request request, Response response)
throws IOException, ServletException {
Principal principal;
System.out.println("SSOValue.invoke() is called");
if (request.getUserPrincipal() != null) {
System.out.println("Principal has already been authenticated");
getNext().invoke(request, response);
return;
}
/* Attempt 1 */
/* This won't work as the principal is missing some information */
/*
ArrayList roles = new ArrayList();
roles.add("Administrators");
request.setUserPrincipal(
new SSOPrincipal(
request.getContext().getRealm(),
"admin", roles));
*/
/* Attempt 2 */
/* This won't work as the realm here is just the BaseRealm */
/*
principal = request.getContext().getRealm().authenticate("admin", "admin");
if (principal == null) {
System.out.println("****** Error: principal is null");
}
else {
System.out.println("Set principal");
request.setUserPrincipal(principal);
}
*/
// now execute all other valves
getNext().invoke(request, response);
}
} // end of class -
5. Re: Login Filter
madhupocham Aug 24, 2005 8:23 AM (in response to julien1)hai Danny,
Did you get the solution for this problem. If, please give me the solution. Thank in advance.