tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Wentzel <>
Subject RE: Form Based Authorization Question
Date Wed, 10 Jan 2001 12:08:53 GMT
> I am implementing the Java Servlet Form based login mechanism 
> in my web
> application, and had a question.  Is it possible for me to have a
> "default location" that a user goes to when they login?  In many
> instances, a user will go directly to the login JSP, rather than
> requesting a web resource first (which then causes Tomcat to 
> display the
> login page, and then redirect back to the resource after
> authentication).  If they haven't requested a resource, I'd like the
> login to take them to their "home" (different roles have 
> different homes
> in my application).  The only way I see right now is to check 
> and see if
> session.getAttribute( "tomcat.auth.originalLocation" ) is 
> null, but that
> seems rather naughty... is this the only way of doing it.  I have
> written my own Realm object (that extends BaseInterceptor) for
> authentication/authorization purposes.  Could something be done in
> there?

One solution to to check the referring document and see if it's a valid
one otherwise go to default for user determined from database.

Michael Wentzel
Software Developer
<A HREF="">Software As We Think</A>
<A HREF="mailto://">Michael Wentzel</A>

View raw message