4 Replies Latest reply on Sep 28, 2007 7:33 AM by Antonio Fernández

    problem creating a new tomcat authentication method

    Antonio Fernández Newbie


      I'm trying to create a new web authentication method following the next procedure:

      - based on FormAuthenticator.java i've coded a new class (well, i've just copied FormAuthenticator but with different name in order to prevent errors)
      - added the line CUSTOM=<<my custom class>> in Authentication.properties
      - in web.xml, added the line <auth-method>CUSTOM</auth-method> (and all the necessary ones to protect the web resources)

      I'm using a simple application based on JSP pages to test my configuration but get a HTTP/403 Configuration error.

      This is the error page I get:

      type Status report

      message Configuration error: Cannot perform access control without an authenticated principal

      description Access to the specified resource (Configuration error: Cannot perform access control without an authenticated principal) has been forbidden.

      I've tried to "cheat" JBoss to test my class:
      - changed in authentication.properties the line FORM=org.jboss.etc... with FORM=<<my custom class>>
      - now the application's web.xml has the next line: <auth-method>FORM</auth-method>

      Everything goes fine in this case, but I would like to add this new authentication method instead of modifying the FORM method.

      Somebody knows what is happening?

      Thanks in advance,