tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Drasko Kokic <drasko_ko...@yahoo.com>
Subject Re: RequestIntercepter, Authentication & Login Form
Date Mon, 19 Feb 2001 11:48:58 GMT
Maybe my original post was not clear, hence no reply
received :-(

Questions:
1.) Is it possible to specify login page on the other
servlet context (or other web site)?!
2.) How can I detect in the authorise method if the
method is being invoked after submiting
username/password on the login page or after
requesting any other protected page?!

--- Drasko Kokic <drasko_kokic@yahoo.com> wrote:
> Hi again,
> 
> I have finished an implementation of the SingleLogin
> infrastructure protecting the whole heterogene multi
> site portal using RequestIntercepters and Servlet
> API 2.2 container based security.
> There are still two issues I would like to
understand
> better:
> 1. The URI to the login page is specified relative
> to the container.  Why are we not able to configure
> this page with an absolute URL so that another host
> could be used as an authentication site?!
> 
> 2. The authorise methode of the RequestIntercepter
> is being invoked for both protected pages as well as
> after submiting the username and password on the
> login page.  I would need to do two different things
> depending from where the call comes (eg. check
> username/password if from login otherwise check
> cookie).  How can I detect in the authorise method
> if the method is being invoked after submiting
> username/password on the login page?!
> 
> TIA
> Drasko
> 

__________________________________________________
Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail - only $35 
a year!  http://personal.mail.yahoo.com/

Mime
View raw message