tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From QM <qm...@brandxdev.net>
Subject Re: How does Tomcat manage Form-based authentication?
Date Thu, 01 Apr 2004 15:10:18 GMT
On Thu, Apr 01, 2004 at 04:38:49PM +0200, Malcolm Warren wrote:
: With BASIC authorization, which I used to use, the browser was sent an 
: "Authorization" header.
: 
: This doesn't happen with FORM-based authorization.
: I believe Tomcat deals with it all, but how? Anybody know?

Not sure I understand your question -- with FORM-based auth:
- the container detects an attempt to access a protected resource
- container sends requestor to designated form page, which posts
  to the blackbox "j_security_check"
- success => user is taken to originally-requested page
- failure => user is taken designated "no-go" page

Is that the answer to your question?

btw, please start new threads for new topics -- replying to an old
message plays hell with thread-aware mail readers, even if you change
the subject. ;)

-QM

-- 

software  -- http://www.brandxdev.net
tech news -- http://www.RoarNetworX.com


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message