tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 21795] - j_security_check isn't fed through filters
Date Tue, 05 Aug 2003 14:50:06 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=21795>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=21795

j_security_check isn't fed through filters





------- Additional Comments From remm@apache.org  2003-08-05 14:50 -------
And in which case I have no idea how to implement it, as the filter pipeline
ends with a servlet, and there's no servlet matching that URL. Besides, it would
make FORM behave differently than the other auth methods, which contradicts its
design principles.

For extending the machanism, a container extension feature should be used, such
as: a custom realm, a custom authenticator, a custom valve inserted in the
pipeline. Filters are located at the application level, and as such are not a
magic bullet for everything (although they can meet maybe 90% of the needs).

Mime
View raw message