This forum is now a read-only archive. All commenting, posting, registration services have been turned off. Those needing community support and/or wanting to ask questions should refer to the Tag/Forum map, and to http://spring.io/questions for a curated list of stackoverflow tags that Pivotal engineers, and the community, monitor.
No announcement yet.
How to authenticate through Tomcat tomcat-users.xmlPage Title Module
Well, basically what you would need to look for is the Spring Security way of doing that...nothing specific to Flex there really. That said, I don't believe Spring Security provides any out-of-the-box way to authenticate against a Tomcat security Realm (which is what you're defining in tomcat-users.xml), as that fulfilling part of the Servlet specification where it is expected that the container actually handles the authentication (either BASIC or FORM based). Spring Security has support for using the container provided Principal as the source of its Authentication, but it expects the actual authentication process to have already happened. (See http://static.springsource.org/sprin...h.html#d0e5696).
To actually authenticate against tomcat-users.xml without using the Tomcat-provided mechanisms, you need to actually program against Tomcat-internal classes, as you can see if you look at the out-of-the-box BlazeDS TomcatLoginCommand source. Again, I don't think Spring Security provides an equivalent, though I could be wrong...you'd be better served asking on the Spring Security forum for a definitive answer there.
In theory, it may be possible to make the existing TomcatLoginCommand work in conjunction with the Spring Security support, but I don't believe that would work without some additional modifications.