tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Drasko Kokic <drasko_ko...@yahoo.com>
Subject RequestIntercepter, Authentication & Login Form
Date Mon, 12 Feb 2001 17:30:33 GMT
Hi again,

I have finished an implementation of the SingleLogin
infrastructure protecting the whole heterogene multi
site portal using RequestIntercepters and Servlet API
2.2 container based security.
There are still two issues I would like to understand
better:
1. The URI to the login page is specified relative to
the container.  Why are we not able to configure this
page with an absolute URL so that another host could
be used as an authentication site?!

2. The authorise methode of the RequestIntercepter is
being invoked for both protected pages as well as
after submiting the username and password on the login
page.  I would need to do two different things
depending from where the call comes (eg. check
username/password if from login otherwise check
cookie).  How can I detect in the authorise methode if
the methode is being invoked after submiting
username/password on the login page?!

TIA
Drasko


__________________________________________________
Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail - only $35 
a year!  http://personal.mail.yahoo.com/

Mime
View raw message