tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Poornachandran <>
Subject reg. custom security
Date Mon, 20 Feb 2006 20:24:03 GMT

I am in a kind of a strange situation. Basically, I need to implement 
security using Form Based authentication in one of my webapps. But, the 
catch here is that I cannot access any of the server's configuration 
files. I can only work with my app specific files.

So, I can neither configure users in tomcat-users.xml nor configure a 
custom realm in server.xml  file.What I have done as of  now is, have 
configured Form Based Authentication in my web.xml and mapped my 
resources according to the roles. But in my login.jsp, I cant submit the 
username and password to "j_security_check", instead I am submitting 
this to my own Servlet (LoginServlet).

Now, I am not sure here how to implement the authentication part in my 
servlet. Basically after this servlet is called, the request object 
should return a non-null value for request.getUserPrincipal method call.

Any help would be very much appreciated.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message