tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From QM <>
Subject Re: How does Tomcat manage Form-based authentication?
Date Thu, 01 Apr 2004 15:10:18 GMT
On Thu, Apr 01, 2004 at 04:38:49PM +0200, Malcolm Warren wrote:
: With BASIC authorization, which I used to use, the browser was sent an 
: "Authorization" header.
: This doesn't happen with FORM-based authorization.
: I believe Tomcat deals with it all, but how? Anybody know?

Not sure I understand your question -- with FORM-based auth:
- the container detects an attempt to access a protected resource
- container sends requestor to designated form page, which posts
  to the blackbox "j_security_check"
- success => user is taken to originally-requested page
- failure => user is taken designated "no-go" page

Is that the answer to your question?

btw, please start new threads for new topics -- replying to an old
message plays hell with thread-aware mail readers, even if you change
the subject. ;)



software  --
tech news --

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message