5 Replies Latest reply on Aug 24, 2005 8:23 AM by Madhu Pocham

    Login Filter

    Viet Master

      Yes filter are supported.

      The login of the web container is applied before filters are applied so you cannot use a web filter to divert the web container authentication.

      If you want to do that you rather need to do a tomcat valve that you will insert in the valve pipeline of tomcat, here are some example of valves :
      http://jakarta.apache.org/tomcat/tomcat-5.5-doc/config/valve.html

      Valves are similar to servlet filter. You can configure valve in tomcat configuration in deploy/jbossweb-tomcat55.sar

        • 1. Re: Login Filter
          Danny Hon Newbie

          Thanks a lot for the information. I will certainly take a look of Tomcat valve.

          Just out of curiosity, do you have any ideas why the doFilter() is never called in my experimental case? I may need to use filter someday, not necessary for SSO.

          • 2. Re: Login Filter
            Viet Master

            where did you apply the filter ?

            • 3. Re: Login Filter
              Danny Hon Newbie

              I created a war file structure for my portal, and applied the filter in the web.xml.

              Basically, the structure is like this:
              myportal.war/WEB-INF/myportal-portal.xml
              myportal.war/WEB-INF/jboss-app.xml
              myportal.war/WEB-INF/jboss-web.xml
              myportal.war/WEB-INF/web.xml
              myportal.war/WEB-INF/classes/com/xxx/LoginFilter.class

              • 4. Re: Login Filter
                Danny Hon Newbie

                I tried a simple Tomcat Valve, but I came to a dead end. I cannot make the authentication to work in the valve. I tried to the the existing realm to authenticate, but the realm available is BaseRealm, which does not do any authentication. I tried to create my own principal, but portal won't accept it.

                Here is the sample Tomcat Valve I used. I appreciate if somebody can give me a direction.
                ================================================
                package com.ge.health.security.ssovalve;

                import java.security.Principal;
                import java.util.ArrayList;
                import java.io.IOException;
                import javax.servlet.http.HttpServletRequest;
                import javax.servlet.ServletException;
                import org.apache.catalina.connector.Request;
                import org.apache.catalina.connector.Response;
                import org.apache.catalina.Valve;
                import org.apache.catalina.valves.ValveBase;

                public class SSOValve extends ValveBase {

                public String getInfo() {
                return "SSOValve";
                }

                public void invoke(Request request, Response response)
                throws IOException, ServletException {
                Principal principal;

                System.out.println("SSOValue.invoke() is called");

                if (request.getUserPrincipal() != null) {
                System.out.println("Principal has already been authenticated");
                getNext().invoke(request, response);
                return;
                }

                /* Attempt 1 */
                /* This won't work as the principal is missing some information */
                /*
                ArrayList roles = new ArrayList();
                roles.add("Administrators");
                request.setUserPrincipal(
                new SSOPrincipal(
                request.getContext().getRealm(),
                "admin", roles));
                */

                /* Attempt 2 */
                /* This won't work as the realm here is just the BaseRealm */
                /*
                principal = request.getContext().getRealm().authenticate("admin", "admin");
                if (principal == null) {
                System.out.println("****** Error: principal is null");
                }
                else {
                System.out.println("Set principal");
                request.setUserPrincipal(principal);
                }
                */

                // now execute all other valves
                getNext().invoke(request, response);
                }

                } // end of class

                • 5. Re: Login Filter
                  Madhu Pocham Newbie

                  hai Danny,

                  Did you get the solution for this problem. If, please give me the solution. Thank in advance.