From tomcat-user-return-91385-apmail-jakarta-tomcat-user-archive=jakarta.apache.org@jakarta.apache.org Sun Feb 01 19:01:56 2004 Return-Path: Delivered-To: apmail-jakarta-tomcat-user-archive@www.apache.org Received: (qmail 96548 invoked from network); 1 Feb 2004 19:01:56 -0000 Received: from daedalus.apache.org (HELO mail.apache.org) (208.185.179.12) by minotaur-2.apache.org with SMTP; 1 Feb 2004 19:01:56 -0000 Received: (qmail 43356 invoked by uid 500); 1 Feb 2004 18:59:24 -0000 Delivered-To: apmail-jakarta-tomcat-user-archive@jakarta.apache.org Received: (qmail 43317 invoked by uid 500); 1 Feb 2004 18:59:24 -0000 Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Subscribe: List-Help: List-Post: List-Id: "Tomcat Users List" Reply-To: "Tomcat Users List" Delivered-To: mailing list tomcat-user@jakarta.apache.org Received: (qmail 43228 invoked from network); 1 Feb 2004 18:59:23 -0000 Received: from unknown (HELO moutng.kundenserver.de) (212.227.126.187) by daedalus.apache.org with SMTP; 1 Feb 2004 18:59:23 -0000 Received: from [212.227.126.205] (helo=mrelayng.kundenserver.de) by moutng.kundenserver.de with esmtp (Exim 3.35 #1) id 1AnMoZ-0003sB-00 for tomcat-user@jakarta.apache.org; Sun, 01 Feb 2004 19:59:27 +0100 Received: from [80.128.17.6] (helo=cyberspaceroad.com) by mrelayng.kundenserver.de with asmtp (Exim 3.35 #1) id 1AnMoZ-0003Ll-00 for tomcat-user@jakarta.apache.org; Sun, 01 Feb 2004 19:59:27 +0100 Message-ID: <401D4C31.9030009@cyberspaceroad.com> Date: Sun, 01 Feb 2004 19:57:53 +0100 From: Adam Hardy User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.5) Gecko/20031021 X-Accept-Language: de MIME-Version: 1.0 To: Tomcat Users List Subject: Re: ServletFilter on j_security_check References: <0df201c3e5be$438b3790$800101df@febbraro.local> <401A4E33.5000305@joedog.org> <11fa01c3e736$d3518090$800101df@febbraro.local> <401C3169.9070303@joedog.org> In-Reply-To: <401C3169.9070303@joedog.org> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Provags-ID: kundenserver.de abuse@kundenserver.de auth:7be52423742ce504c1b541fa1f258887 X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N Frank, if you develop a JAAS login module, you can get it to do pretty much anything you want, apart from having instant access to that user's session. You could write the login attempts to a database for instance. Adam On 01/31/2004 11:51 PM Tim Funk wrote: > Yeah. Use a Valve. A Valve is just like a filter but is tomcat dependent > and is issued before any filters are invoked. > > Any such functionality your looking for is NOT Servlet spec specific so > whatever solution you use - you'll be locked into that container. > > -Tim > > Frank Febbraro wrote: > >> Well that sucks :-( >> >> Any change that in the future Tomcat can have somethign silimar to the >> auth-filter in WebLogic...basically just a way to hookup (via >> interface) a >> class that can be notified of these events? >> >> Guess I need to break out my papers and roll my own....again. >> >> For those with problems such as these, check out >> http://opensource.atlassian.com/seraph/introduction.html >> >> ----- Original Message ----- From: "Tim Funk" >> To: "Tomcat Users List" >> Sent: Friday, January 30, 2004 7:29 AM >> Subject: Re: ServletFilter on j_security_check >> >> >> >>> The Sun spec team has said that filters can't be applied to >> >> >> j_security_check. >> >>> http://nagoya.apache.org/bugzilla/show_bug.cgi?id=21795 >>> >>> -Tim >>> >>> Frank Febbraro wrote: >>> >>> >>>> Using Tomcat 4.1.x >>>> >>>> In looking at the source it seems that there is no simple way to hook >> >> >> into the Login process to get notified of successes or failures >> (dammit). So >> I was attempting to servlet filter the j_security_check and do my own >> pre/post processing. However I am unable to filter it. Is this URL >> specifically ignored by the filtering mechanism? >> >>>> My web.xml file looks as such... >>>> >>>> >>>> login >>>> raider.portal.servlet.LoginFilter >>>> >>>> >>>> >>>> login >>>> /j_security_check >>>> >>>> >>>> Kinda running out of options at this point, anyone else had a problem >> >> >> similar to needing to audit the login results? >> >>>> Thanks in advance, >>>> Frank > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org > > -- struts 1.1 + tomcat 5.0.16 + java 1.4.2 Linux 2.4.20 Debian --------------------------------------------------------------------- To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org For additional commands, e-mail: tomcat-user-help@jakarta.apache.org