From: Ikonne, I. <Ike...@st...> - 2004-11-25 08:09:13
|
Hi Greg, I just want to thank you and the entire group for all the pointers that = you have provided so far, the pathContext and servletMapping information has = been=20 exceptionally helpful. =20 There is still a little mystery that I have not been able to resolve so = far and that is: After I have authenticated my client in HashUserRealm.authenticate, I = would like to pass some data to my servlet. I have tried using the follwoing mechanisms, but have to been able to = get it to work. Here is what I am doing inside HashUserRealm.authenticate, by the way, I = extend your jetty's HashUserRealm in order to do this. request.setAttribute(attrName, attr) --- did not work, when I tried to = get the attribute inside the servlet, it returns null. I have also tried to extend the the KnownUser and inside the Servlet I = tried to cast the getUserPrincipal() but did not work. My question is this, how could someone pass data to the servlet from the = point where user is being authenticated using jetty? Thanks, Ike -----Original Message----- From: Greg Wilkins [mailto:gr...@mo...] Sent: Sun 11/21/2004 5:32 AM To: jet...@li... Subject: Re: Jetty seems to be overriding security constraints =20 Ike, I think your problem is that there are two related - but different = mechanisms. The SecurityHandler handles security constraints when you are not using webapplications. It is used in combination with ServletHandlers and = FileHandlers. The webapplicationHandler is an extended servlet handler with security = handling built in. So you should either just use webapplications or = securityhandlers, but not both. When using a webapplicationcontext, the configuration of a authenticator = will be handled for you. Ikonne, Ike wrote: > Hi all, >=20 > I wil try another angle to my previous question: It seems to me that = if=20 > I load a servlet using >=20 > server.addWebapplicationContext( .......) >=20 > that jetty won't let me override the security constraints using the=20 > established web context. Is there any reason > for this? >=20 > What I am trying to accomplish is to have a basic web.xml associated=20 > with this servlet , and then > initialize the related security constraints dynamically. I have jetty = > embedded in my application. >=20 > Any suggestions will be highly appreciated ... >=20 >=20 > Cheers, >=20 > Ike >=20 |