tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Peter Carlson <>
Subject Form Authentication potential contribution
Date Thu, 09 May 2002 23:47:09 GMT

I am new to this list and to developing tomcat.

One of the issues I had was wanting my login page to be the first page
people went to, but with the current FormAuthentication you get an error
(invalid direct reference to form login page).

I have modified the FormAuthenication class so if someone posts to
j_security_check from the login page (specified in the web.xml) it will
authenticate and redirect them back to the login page.

I also added another feature where if a person also posts the parameter
 j_redirect_url to j_security_check it will forward them to that url (note:
the j_redirect_url must be an absolute url reference).

The logic inside this class is fairly complicated because it deals with
multiple requests and I think I did everything correctly. If someone wants
to provide feedback that would be great. What the best way to either
integrate this into tomcat or make it available as an alternative form
authentication class?

I am hoping to make a valve which solves this problem more elegantly, but
that the next step.


View raw message