tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: User-password from the HttpServletRequest
Date Wed, 02 May 2007 20:45:02 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sam,

sebbo@gmx.ch wrote:
>> Do you mean during the login process, or after it has been done?
> 
> I mean after the user has been logged in (form based login).
> 
> Have you an example how I can receive the password from the
> HttpServletRequest?

Unless you are using some non-standard setup or user-tracking library of
some kind, there is no way to get the user's password from the request
(or anywhere else for that matter). Your application will need to take
care of this capability itself.

I'd like to point out that storing users' unencrypted passwords anywhere
is probably not a good idea, though I must admit that I don't know what
situation you are in.

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGOPhN9CaO5/Lv0PARAhmgAJ9J/JwWYIfqXBcKRibC+cnVCpOWpACfTMU2
BCfrbvfSAVTvoBxP8peaxpw=
=Dmyd
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message