tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Steven J. Owens" <puffm...@darksleep.com>
Subject Alternatives to J2EE Authentication
Date Thu, 26 Feb 2004 23:19:14 GMT
Hi folks,

     The most common (and frustrating) bookmarked login page gotcha
with J2EE authentication has been oft-discussed (broken as designed)
on this list.  

     What are people's favorite alternatives to J2EE authentication?
And why?

     Something I'm particularly interested is alternatives that don't
require me to rebuild the application from scratch.  I'm looking at
tearing out the old login process and putting in a new one and I don't
really want to start the whole thing over.  

     If I had to build it from scratch myself, I'd do it as a simple
Servlet filter that checks for a Principal object stored in the user's
HttpSession.

-- 
Steven J. Owens
puff@darksleep.com

"I'm going to make broad, sweeping generalizations and strong,
 declarative statements, because otherwise I'll be here all night and
 this document will be four times longer and much less fun to read.
 Take it all with a grain of salt." - Me at http://darksleep.com


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message