PathAuthenticationServlet provides username and password authentication. You can associate one or more usernames and passwords with any URL request prefix. The servlet requires authentication in the form of a valid username/password pair before it allows service of a URL that begins with that prefix.

The PathAuthenticationServlet has the following properties:




The realm to use in authentication. Defaults to Dynamo.


Is authentication enabled? Defaults to false.


A ServiceMap that maps path prefixes to components that implement the Authenticator interface, which checks whether a username/password pair is valid.

By default, PathAuthenticationServlet appears in the DAF servlet pipeline between the ThreadUserBinderServlet and the DynamoServlet, but PathAuthenticationServlet is not enabled. You can enable PathAuthenticationServlet by setting the enabled property to true.

PathAuthenticationServlet (if enabled) searches all the keys in the authenticators map to see if the requested URL starts with any of the path prefixes listed there. The servlet uses the longest path prefix that matches and the corresponding authenticator object is used to authenticate the request.


The following example assumes your HTTP server has a document root of /docs. You can enable password authentication for directories called docs/truth and docs/truth/inside_truth with the following properties settings in the PathAuthenticationServlet :


Note: The paths exclude the /docs prefix; these paths are relative to the docroot of the HTTP server.

An authenticator component includes a passwords property. The value of the passwords property is a list of valid username/password pairs. Thus, the file might read:


In this example, if a user requests any document in the /docs/truth area, the user is required to provide the username satchmo and the password cornet. You can create a separate authenticator component at /application/auth/Inside_TruthPassword to require a different username/password pair in order to request documents from the /docs/truth/inside_truth area.