AuthenticRoast allows you to build highly flexible authentication mechanisms for the Java Web tier. This can be anything from HTTP Basic authentication to authenticating with openid, facebook, or your company's Kerberos setup. The authentication modules can be combined at will and even changed at runtime. This currently works for glassfish and plain Tomcat, and allows you to use all the features of container-managed security without being constrained to the simple login methods provided.
|Tags||Security Java Java EE|
|Operating Systems||OS Independent|
Release Notes: Some problems when used in plain Tomcat were fixed.
Release Notes: Authentication can now be shared between multiple contexts in the same container.
Release Notes: Specifying the authenticator module using the context-param roast.authenticator.class now also works for Glassfish 2 and 3.
Release Notes: The authentication module can now be specified using a context-param in the web.xml descriptor. This release also includes a few API cleanups and bugfixes.
Release Notes: This release adds a Tomcat valve for use in plain Tomcat. It has some minor API changes.