<auth-method>SSOBASIC</auth-method> is not valid. there are 4 valid values: BASIC, FORM, DIGEST and CLIENT_CERT
I thought by means of the following configuration in the jboss-web.xml file (see snippet below) of my web app I can plugin in a new/custom authenticator.
And that I can reference/use the new custom authenticator im my web app by using the key (SSOBASIC), which is configured in the jboss-web.xml file. If not, what would be the proper/correct way to plugin a authenticator without using jbossweb-tomcat55.sar/META-INF/jboss-service.xml file
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE jboss-web PUBLIC "-//JBoss//DTD Web Application 2.3V2//EN"
the <realm-name>aRealm</realm-name> should correspond to <security-domain>java:/jaas/passataxa</security-domain> (passataxa in fact)
I have additionally written my own jaas login module (this works very well) also with the realm name I used above. (I think that you meant that with your last 2 posts).
Additionally I have written a Tomcat Authenticator (meaning a class extending the AuthenticatorBase class of Tomcat) in the same way Tomcat does it for JEE standard auth methods (like BASIC, FORM,...) I just wanted to create my own to do some SSO stuff (very proprietary). I found descriptions how to do it see http://community.jboss.org/wiki/GenericHeaderBasedAuthentication and there is also described that I can plug it in into the file
jbossweb-tomcat55.sar/META-INF/jboss-service.xml (which also works). Using that I can define an own auth-method (e.g. SSOBASIC) and everything is fine. The prob I have is that this file is shared in our environment between serveral JBoss Runtimes and I cannot modify it. In the dtd structure of jboss-web there is also a authenticator tag, so therefor I thougt I can use that one
It would be also possible to plug it in as a valve (as also described in http://community.jboss.org/wiki/GenericHeaderBasedAuthentication ) but then I would not be able to use a custom auth-method (SSOBASIC in my sample)