tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Extance, Paul" <paul.exta...@spirent.com>
Subject RE: Logging off container authenticated user
Date Fri, 18 Jul 2003 16:45:27 GMT
We use a filter to cache other data about a user in the session once they
have authenticated. (see
http://jaffa.sourceforge.net/documentation/presentation/sessions.html or the
code @
http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/jaffa/JaffaCore/source/java/o
rg/jaffa/presentation/portlet/session/UserSessionFilter.java?rev=HEAD&conten
t-type=text/vnd.viewcvs-markup)

As you can see if we fail to get the extra data for the user we invalidate
the session, (ie log out) and redirect to an error page.

If you want a more complex version of the JDBC realm to add extra clauses
for security look at
http://jaffa.sourceforge.net/documentation/security/web/#realm 


Paul Extance


-----Original Message-----
From: Christian J. Dechery - ACCENTURE [mailto:Christian.Dechery@atl.com.br]

Sent: Tuesday, July 15, 2003 6:54 AM
To: Tomcat Users List (E-mail)
Subject: Logging off container authenticated user

I finally got a FORM-based authentication from the container (in this case,
Tomcat) working.
 
But I have a little doubt, how can I logoff this user?
 
Cuz in my system, the login doesn't deppend only on authenticating him for
username and password, I must validate some other stuff, so it would be
interesting if I could authenticate him, and if I could not validate the
other stuff, log him off and present a message.
 
Thanks.

_______________________________
:: Christian J. Dechery 
:: Accenture do Brasil 
:: CHT - Solutions Operations 
:: christian.j.dechery@accenture.com 

 

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message