tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tim Funk <>
Subject Re: add a session's attribute after authentication
Date Tue, 02 May 2006 11:14:28 GMT
Via tomcat - there isn't a hook. The best (and most portable way) you can do 
this is to write a filter which checks for the attribute in the session vs 
the remoteUser value. For example:

doFilter(...) {
   if (null!=request.getRemoteUser() &&
         null==request.getSession().getAttribute("cowbell")) {
   chain.doFilter(request, response);


Amleto Di Salle wrote:

> Hi all,
> I have used the container (Tomcat) managed security, but after the
> authentication I would like to set an object inside the session. How can
> I do?
> I have noticed that Tomcat creates a session if the user accesses to a
> protected resource, so i cannot use the HttpSessionListener.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message