Dear Wiki user, You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change notification.
The following page has been changed by VegarNeshaug: http://wiki.apache.org/tomcat/SSLWithFORMFallback6 New page: This is my implementation of SSL with FORM fallback. It has been tested on tomcat 6.0.16. Feel free to use at is you like. I do not know if this is the best approach, but it's simple and it works. Also see [http://wiki.apache.org/tomcat/SSLWithFORMFallback] {{{ import java.io.IOException; import java.security.Principal; import java.security.cert.X509Certificate; import javax.management.MalformedObjectNameException; import javax.management.ObjectName; import org.apache.catalina.Container; import org.apache.catalina.Globals; import org.apache.catalina.authenticator.AuthenticatorBase; import org.apache.catalina.authenticator.Constants; import org.apache.catalina.authenticator.FormAuthenticator; import org.apache.catalina.authenticator.SSLAuthenticator; import org.apache.catalina.connector.Request; import org.apache.catalina.connector.Response; import org.apache.catalina.deploy.LoginConfig; import org.apache.coyote.ActionCode; /** * * @author vegar */ public class SSLWithFormFallback extends AuthenticatorBase { // Our two authenticators FormAuthenticator formAuthenticator = new FormAuthenticator(); SSLAuthenticator sslAuthenticator = new SSLAuthenticator(); /** * Descriptive information about this implementation. */ protected static final String info = "net.neshaug.SSLWithFormFallback/1.0"; /** * Return descriptive information about this Valve implementation. */ @Override public String getInfo() { return (info); } @Override public boolean authenticate(Request request, Response response, LoginConfig config) throws IOException { // Have we already authenticated someone? Principal principal = request.getUserPrincipal(); //String ssoId = (String) request.getNote(Constants.REQ_SSOID_NOTE); if (principal != null) { // Associate the session with any existing SSO session in order // to get coordinated session invalidation at logout String ssoId = (String) request.getNote(Constants.REQ_SSOID_NOTE); if (ssoId != null) { associate(ssoId, request.getSessionInternal(true)); } return (true); } // Get certificates from the request boolean certAuth = true; X509Certificate certs[] = (X509Certificate[]) request.getAttribute(Globals.CERTIFICATES_ATTR); if ((certs == null) || (certs.length < 1)) { request.getCoyoteRequest().action(ActionCode.ACTION_REQ_SSL_CERTIFICATE, null); certs = (X509Certificate[]) request.getAttribute(Globals.CERTIFICATES_ATTR); } if ((certs == null) || (certs.length < 1)) { // No certificates certAuth = false; } // Delegate authentication request if (certAuth) { return sslAuthenticator.authenticate(request, response, config); } else { return formAuthenticator.authenticate(request, response, config); } } // I'd rather not have the below, but it is necessary for the // authenticators to work properly. @Override public void setContainer(Container container) { super.setContainer(container); sslAuthenticator.setContainer(container); formAuthenticator.setContainer(container); } @Override public ObjectName createObjectName(String domain, ObjectName parent) throws MalformedObjectNameException { sslAuthenticator.createObjectName(domain, parent); formAuthenticator.createObjectName(domain, parent); return super.createObjectName(domain, parent); } } }}} --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
