Hi Gabor,
On 03/19/09 02:27 PM, Gabor Szokoli wrote:
> On Thu, Mar 19, 2009 at 8:27 PM, Jan Luehe <Jan.Luehe_at_sun.com> wrote:
>
>> On 03/19/09 01:49 AM, Gabor Szokoli wrote:
>>
>>> I'd like to impose security realm based access restrictions on an HTTP
>>> listener or Virtual Server
>>>
>> Have you considered configuring your virtual-server with a custom valve
>> that would perform the authentication?
>>
>
> Nope, never heard of them before.
>
> So I guess there's no configuration-level way to do it yet.
>
>
>> You would specify your valve (including its fully qualified class name)
>> as a property of your virtual server.
>>
>
> That just leaves me the task of creating a custom valve that bounces
> back unauthenticated requests with 401 responses I guess?
>
Yes. The GlassFish web container already uses valves (at the context level)
to handle a webapp's authentication requirements.
>
>> Let us know if you have any questions on how to do this.
>>
>
> Seems well documented, but it's not our worst itch right now.
> I'll get back to you once it is :-)
>
Great!
Thanks,
Jan
> Gabor Szokoli
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>
>