This week's book giveaway is in the Android forum.
We're giving away four copies of Head First Android and have Dawn & David Griffiths on-line!
See this thread for details.
The moose likes Other JSE/JEE APIs and the fly likes Using JAAS to authenticate tomcat users Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Head First Android this week in the Android forum!
JavaRanch » Java Forums » Java » Other JSE/JEE APIs
Bookmark "Using JAAS to authenticate tomcat users" Watch "Using JAAS to authenticate tomcat users" New topic

Using JAAS to authenticate tomcat users

Norris Shelton

Joined: Oct 18, 2004
Posts: 7
I am aware that JAAS can be used to authenticate users on Tomcat. This normally involves a user id and a password.

We identify our users via user id, site id and password. Can JAAS be used to do this?

SCJP 1.1 (04/1999)
Paul Sturrock

Joined: Apr 14, 2004
Posts: 10336

I'd read the JAAS Reference Guide if I were you, its very useful since there are more new concepts to grasp with JAAS than with some other API.

For your requirements you can write a LoginModule whose login method can use the three properties you need to authenticate someone.

We use JAAS with JBoss currently (which uses Tomcat as its web container) to do our custom authentication.

JavaRanch FAQ HowToAskQuestionsOnJavaRanch
Charles GAY

Joined: Jun 11, 2004
Posts: 18
you should have a look towards jGuard ( which integrate JAAS into J2EE webapps in a RBAC way.

sincerly yours,

charles(jGuard team).
subject: Using JAAS to authenticate tomcat users
It's not a secret anymore!