How would I go about creating custom authentication for the following scenario.
To authenticate, I want to forward a user to another url (different server not under my control) that handles authentication and redirects back to where I tell it - the original location.
For example going to my tomcat site at http://mytomcathost:8080/MyServlet?param=value would redirect to http://authenticationserver/login/?url=http://mytomcathost:8080/MyServlet?param=value which would redirect back to http://mytomcathost:8080/MyServlet?param=value once authentication succeeds. I want to be able to pass authentication if a particular cookie is set. So I need access to the HttpServletRequest inorder to decide whether or not to redirect to the authentication site. How would I do this with the servletfilter project? What classes do I need to extends and what kind of configuration am I looking at? Essentially, I only want to authenticate when a particular cookie is set and I want to pull the username (getRemoteUser()) from that cookie. Is that possible?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
How would I go about creating custom authentication for the following scenario.
To authenticate, I want to forward a user to another url (different server not under my control) that handles authentication and redirects back to where I tell it - the original location.
For example going to my tomcat site at http://mytomcathost:8080/MyServlet?param=value would redirect to http://authenticationserver/login/?url=http://mytomcathost:8080/MyServlet?param=value which would redirect back to http://mytomcathost:8080/MyServlet?param=value once authentication succeeds. I want to be able to pass authentication if a particular cookie is set. So I need access to the HttpServletRequest inorder to decide whether or not to redirect to the authentication site. How would I do this with the servletfilter project? What classes do I need to extends and what kind of configuration am I looking at? Essentially, I only want to authenticate when a particular cookie is set and I want to pull the username (getRemoteUser()) from that cookie. Is that possible?