- I have taken the Valve code and pretty much used it as is. There are three differences:
- 1. Configuration is simplified.
- 2. Where the authenticated user name is fetched from. I have had to use a plain session attribute.
- 3. The way status codes are passed back to the Servlet container. Using the filter, you can now configure the error pages for each status code in the web.xml. The Valve code could easily be changed to do this too - it currently passed back a 500 for every error.
It is available in the ucam-webauth github project
The filter is distributed under the terms of the GNU Lesser General Public License.