Hello Chris,
With request I mean the 'org.apache.catalina.connector.Request' but this
implements 'javax.servlet.http.HttpServletRequest'. So, one and the same
thing for my situation.
And I don't only want access to that information during authentication
but it can also be used to pass information from the authentication to
the rest of the application. Like storing the password in the
subject.privateCredentials... This is needed in some rare cases where
the server has to do some kind of proxy login to another service based
on the client credentials.
Or using the usersession for misc info.
I'll have a look into the JASPIC discussion. Thanks. A valve looks
simpler though... (but Tomcat specific)
MAG,
Milo
On 10/27/2015 08:17 PM, Christopher Schultz wrote:
On 10/25/15 9:40 AM, Milo van der Zee wrote:
Hello,
There are some default valves available with Tomcat. None of these
expose the request to later phases in the request cycle. Is it an idea
to add a valve that does this? And make this available through a
callback in the jaas loginModule. Just like WebLogic and Websphere do
it. Or just use a static threadlocal variable in the valve with a static
getter.
Why?
If the jaas login module needs to communicate anything to the filter or
other request phases this is needed. When the request is available this
info can (for example) be added to the session.
Or when someone wants to use request info for jaas authentication this
could also be used.
Thanks for any ideas or comments.
Are you asking about access to the internal Tomcat "Request" object, or
are you asking about the HttpServletRequest?
I know it's inconvenient in Tomcat authenticators not to be able to get
things like the remote user's IP address -- for example, to log a failed
login attempt.
There is some discussion going on right now about using JASPIC as an
authentication API; perhaps you could join that discussion and advocate
for access to some of this information.
I would certainly be interested in having access to information from the
user's request during authentication.
-chris
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
