tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 21795] - j_security_check isn't fed through filters
Date Mon, 04 Aug 2003 05:33:59 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=21795>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=21795

j_security_check isn't fed through filters

j_t_bell@yahoo.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |REOPENED
         Resolution|INVALID                     |



------- Additional Comments From j_t_bell@yahoo.com  2003-08-04 05:33 -------
I have made the request for clarification. It seems to me that this is a 
critical matter and is one of the remaining areas of incompatability between 
containers created by different vendors.  The current means of using FORM based 
security is too limiting to be useful to many applications that desire to use 
container managed security.  Filters offer a potiential means of removing some 
of the limitations.  Examples some of the limitations that I am refering to 
include:

- Logins that require more than just userid and password.
- Support for optional login or login directly from a home page form.
- Logins supporting a "remember me" feature.
- Situations that require logging and retrieval or recording of information 
upon each login.

These situations occur too frequently in the real world to be ignored. If 
container managed security is to have any value it must be able to support 
these types of situations.

John T. Bell

Mime
View raw message