tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bongiorno, Christian" <>
Subject Principal caching with authentication
Date Tue, 13 Nov 2001 22:49:40 GMT
Here is something else I am wrestling with. When a user hits a protected
page and authenticates, subsequent authentication requests for every page
clicked on occurs. I have been reading that there is some sort of caching
going on, but I still have my authenticate() method called even-though the
user has been validated as having access roles for that session. So, maybe
once again I am missing it, but, I could cache the credentials on my own if
I could get a session timeout event and the Principal it was using for that
session. I could just do a quick lookup on the principal to see if I have it
already -- if so return it, else get a new one.

Am I thinking correctly?


To unsubscribe:   <>
For additional commands: <>
Troubles with the list: <>

View raw message