2 Replies Latest reply on Feb 21, 2005 2:50 PM by Ricardo Arguello

    costum auth-method

    Rene Felder Newbie

      Hello,

      I read a lot about custom LoginModules (at least I didn't do anything else within the last 2 weeks), but did not found anything about custom auth-method implementations.

      The 'FORM' and 'BASIC' modules are very limited and do not fit our needs. Is there a possiblity to write a custom FormAuthenticator that is not restricted to two parameters (j_username and j_password).

      How and where do we need to configure custom authentication modules? The result should set the User Principal in Session scope so we can access it by calling Session.getUserPrincipal.

      Thanks for any help!
      Rene

        • 1. Re: costum auth-method
          Scott Stark Master

          You can install a custom authenticator using a tomcat valve. Tomcat looks to a org/apache/catalina/startup/Authenticators.properties file to find the mapping from the auth type to the default authenticator. You can create such a properties on the classpath (under the conf dir for example) and replace the authenticator with your own.

          BASIC=org.apache.catalina.authenticator.BasicAuthenticator
          CLIENT-CERT=org.apache.catalina.authenticator.SSLAuthenticator
          DIGEST=org.apache.catalina.authenticator.DigestAuthenticator
          FORM=org.apache.catalina.authenticator.FormAuthenticator
          NONE=org.apache.catalina.authenticator.NonLoginAuthenticator

          • 2. Re: costum auth-method
            Ricardo Arguello Newbie

            request.getUserPrincipal()

            This only works on a secured page