This content has been marked as final.
Show 1 reply
-
1. Re: Intercept requests before JAAS kicks in?
starksm64 Apr 19, 2005 11:49 AM (in response to t_kishore)No. A custom authenticator or valve is required. Its an ambiguous aspect of the servlet spec as to whether filters should be engaged in authorization paths and currently tomcat treats filters as application level components that apply after the standard security checks.