tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From anil <>
Subject Re: Programmatic security with servlet mappings in tomcat
Date Tue, 03 Jul 2001 14:53:28 GMT
You can setup a custom login screen and set it up in the tomcat. I am doing
it. and you can access the username and password from session variables
j_username and j_password. also you can access requested link from session.


I like the tomcat login module because it is transparent. I guess you check
the role, roleGroup and set response.sendError(401,..) to redirect user back
to login page if he/she does not have enough previlages.

did I miss anything here??


pete wrote:

> Sure, one is that i want custom login screens, another is that we store
> all our authentication details centrally and query for them via an XML
> data service.
> Various user and domain-specific data, including user preferences,roles
> etc. is stored in this repository, not just 'yes, this user has blanket
> access to the site'.
> Our permissions-management tools are all written to work with this, so i
> have an existing system i must fit my tomcat-based solutions into here.
> I do use tomcat's basic authentication facilities for some unrelated
> services, but for us it makes a lot of sense to centralize
> authentication and preference data this way.

View raw message