Re: Custom Authenticator, for ldap question [ and You are so right !]

You are so right!

The second class was listed right under the deprecated one and I didn't see it. It's exactly what I looking for!

thanks a lot.
  ----- Original Message -----
  From: Martín Córdova
  To: resin-interest@xxx.com
  Sent: Thursday, April 04, 2002 5:48 AM
  Subject: Re: Custom Authenticator, for ldap question

  Take a second look at the sources. There are 2 AbstractAuthenticators, one of them is the right one, the other is deprecated. according to the Resin docs, you should inherit from AbstractAuthenticator (the right one).

  I have redefined this method:

    public Principal loginImpl(HttpServletRequest request,
                               HttpServletResponse response,
                               ServletContext application,
                               String username, String password)
      throws ServletException

  As you can see, from the ServletContext you would have access to context parameters.

  Regards,
  Martin

    ----- Original Message -----
    From: Leila Lappin
    To: resin-interest@xxx.com
    Sent: Thursday, April 04, 2002 4:20 AM
    Subject: Custom Authenticator, for ldap question

    I want to write a custom authenticator to look up user information from LDAP for authentication and authorization. Can I write the class to implement ServletAuthenticator instead of extending AbstractAuthenticator? AbstractAuthenticator methods are all deprecated. Also it seems there's little or no flexibility since none of the application context parameters are accessible. This makes it hard to change look up parameters for ldap.

    If the answer to the first question is a yes then I have a second question. What method of ServletAuthenticator will get invoked by the servlet engine for the purpose of authentication.

    thanks in advance for your response
Received on Thu 04 Apr 2002 11:13:24 -0800