Jamais deux sans trois.
Download Waffle 1.3.
Copy waffle-jna.jar, jna.jar and platform.jar to Tomcat’s lib directory. You can package these files with your application, but this is easier for the demonstration.
Add the security filter to WEB-INF\web.xml.
A demo application can be found in the Waffle distribution in the Samples\Tomcat\waffle-filter directory. Copy the entire directory into Tomcat’s webapps directory and navigate to http://localhost:8080/waffle-filter.
Retrieving User Principal
If you’re familiar with Tomcat you’ll be surprised that
<%= request.getUserPrincipal().getName() %> works in a JSP page with this filter in place and no realm configuration. Theoretically Tomcat says you cannot assign a Principal to the request in a filter. The guys at the Tomcat Security Filter Project found a very simple solution – wrap the request up and pass the wrapper into the next filter in the chain.