tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jim Kennedy" <jgkenn...@mindspring.com>
Subject RE: How does tomcat redirect from login
Date Sat, 17 Apr 2004 18:07:34 GMT
Thanks, I'm surprised there is no way to do this.  Why wouldn't they just
pop it in the request.  Seems very easy.  I wonder if I could find the
source for j_security_check and make the appropriate changes.  I don't want
to reinvent J2ee security. 

-----Original Message-----
From: Tim Funk [mailto:funkman@joedog.org] 
Sent: Saturday, April 17, 2004 1:44 PM
To: Tomcat Users List
Subject: Re: How does tomcat redirect from login

There is no way to do that. Your best alternative is to NOT use
authentication/authorization via the spec and create some Servlet Filters to
perform the appropriate authentication and authorization checks. That way,
the filter can be smart enough to determine you user context and handle it
approriately.

The upside - is the path is very portable to othre conatiners. The downside
is you reinvent some of the wheel. Lucky for you  - there are other projects
on the Internet which use Filters for this very purpose  - so some of your
work might already be done.

-Tim

Jim Kennedy wrote:

>  
> I am using form based login, which is working fine for me.  I would 
> like to display different login content (on my login form) based on 
> the desired intent of the user.  So , if the user wants to go to a 
> certain section of my site that is secure, I would like to capture the 
> redirect page (the url of the secure page) before the user logs in.  
> Knowing that URL will allow me to display specific content for that 
> section.  I have searched the session and the request scopes for 
> something that looks like a redirect page.  Can't find anything.  Not even
a cookie.
> 
> So, how does tomcat store the intended (redirect) page during the 
> login process for "form based login".  Where is it stored?  How can I get
it?
> 
> Hope I don't need to hack the source for j_security_check.
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message