Re: Tomcat's container architecture - Authenticator

2007-11-29 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Bill, Bill Barker wrote: > Suggestions on how to improve the Authenticators that ship with TC are > always welcome on [EMAIL PROTECTED] But help on > rolling-your-own-Authenticator > will likely get you pointed back to this list :). The original

Re: Tomcat's container architecture - Authenticator

2007-11-28 Thread Bill Barker
"Christopher Schultz" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Bárbara, > > Bárbara Vieira wrote: >> But if we have the Principal in cache, why we have to call the >> authenticator method(FormAuthenticator)? That call doesn'

Re: Tomcat's container architecture - Authenticator

2007-11-28 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Bárbara, Bárbara Vieira wrote: > But if we have the Principal in cache, why we have to call the > authenticator method(FormAuthenticator)? That call doesn't provide any > additional security, can you understand now? That's a good question. Given the

RE: Tomcat's container architecture - Authenticator

2007-11-28 Thread Bárbara Vieira
To: Tomcat Users List Cc: 'Carlo Politi' Subject: Re: Tomcat's container architecture - Authenticator -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Barbara, Bárbara Vieira wrote: > My question is: why we are putting the Principal in the Request? So that request.getUserPri

RE: Tomcat's container architecture - Authenticator

2007-11-28 Thread Bárbara Vieira
: Tomcat's container architecture - Authenticator Only a question: what do you have to do with this auth? do you need to develope a new one or simply study it? ___ Yahoo! Mail: gratis 1GB per i messaggi e allegati da 10MB

Re: Tomcat's container architecture - Authenticator

2007-11-28 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Barbara, Bárbara Vieira wrote: > My question is: why we are putting the Principal in the Request? So that request.getUserPrincipal() will return a value. > Why we can’t just authenticate the user if there is a principal in > internal Session?! Does

Re: Tomcat's container architecture - Authenticator

2007-11-28 Thread Carlo Politi
Only a question: what do you have to do with this auth? do you need to develope a new one or simply study it? ___ Yahoo! Mail: gratis 1GB per i messaggi e allegati da 10MB http://mail.yahoo.it

RE: Tomcat's container architecture - Authenticator

2007-11-28 Thread Bárbara Vieira
quarta-feira, 28 de Novembro de 2007 14:15 To: Bárbara Vieira Subject: Re: Tomcat's container architecture - Authenticator Hello :) are you sure that invoke method of AuthenticatorBase is called inside FormAuthenticator? In my experience of these months of study, i have understood that the onl

RE: Tomcat's container architecture - Authenticator

2007-11-28 Thread Bárbara Vieira
st and return true. In others words, what kind of security this process provides?! Was I cleat enough? Thanks for everything, Regards from Braga, Portugal Bárbara Vieira From: Carlo Politi [mailto:[EMAIL PROTECTED] Sent: terça-feira, 27 de Novembro de 2007 23:49 To: [EMAIL PROTE