I have a requirement to set user principals by intercepting the Servlet request. I want to write this in such a way that when deployed web application uses JAAS, the getPricipals method needs to return previously set roles. Is there a way that I can write a Tomcat valve?
How this can be done?
Thanks in advance,
JBossAS/WildFly authentication and authorisation is built on top of PicketBox. This contains a selection of JAAS login modules and a framework you can use to implement your own. Have a look at that. You will find a lot of information in the source code too.