Return-Path: Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: (qmail 23770 invoked from network); 5 Sep 2007 21:56:28 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 5 Sep 2007 21:56:28 -0000 Received: (qmail 78440 invoked by uid 500); 5 Sep 2007 21:56:11 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 78421 invoked by uid 500); 5 Sep 2007 21:56:11 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 78404 invoked by uid 99); 5 Sep 2007 21:56:11 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 05 Sep 2007 14:56:11 -0700 X-ASF-Spam-Status: No, hits=0.7 required=10.0 tests=SPF_SOFTFAIL X-Spam-Check-By: apache.org Received-SPF: softfail (athena.apache.org: transitioning domain of delbd+jakarta@oma.be does not designate 195.238.6.51 as permitted sender) Received: from [195.238.6.51] (HELO mailrelay001.isp.belgacom.be) (195.238.6.51) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 05 Sep 2007 21:56:05 +0000 Received: from 131.118-65-87.adsl-dyn.isp.belgacom.be (HELO yuki.local) ([87.65.118.131]) by mailrelay001.isp.belgacom.be with ESMTP; 05 Sep 2007 23:55:42 +0200 X-Belgacom-Dynamic: yes Message-ID: <46DF25E2.70104@oma.be> Date: Wed, 05 Sep 2007 23:55:46 +0200 From: David Delbecq User-Agent: Thunderbird 2.0.0.6 (Macintosh/20070728) MIME-Version: 1.0 To: Tomcat Users List Subject: Re: Programmic login to tomcat using username and password References: <3bdcdf760709050745kfdec92anf0b42f0862539447@mail.gmail.com> <3bdcdf760709050751n619955abhff1c0be0a04683a6@mail.gmail.com> <46DEC5C3.8090501@oma.be> <3bdcdf760709050855g705009b9xc2935ed513327421@mail.gmail.com> In-Reply-To: <3bdcdf760709050855g705009b9xc2935ed513327421@mail.gmail.com> Content-Type: text/plain; charset=GB2312 Content-Transfer-Encoding: 8bit X-Virus-Checked: Checked by ClamAV on apache.org Hi, Am not sure to understand what you want to do. You want to login user without requiring it, ever, to authenticate? That seems to me quite paradoxal. Maybe you should explain a bit more what you try to achieve... ��ȫ�� a ��crit : > Hi, > > I have already enabled the SSO function in server.xml. It could be > promoted the challenge once when I visit the first webapp and without > login to all the webapps in the host. But I do not want any login form > promoted to users. So my point is, how do I write code in a jsp or > servlet to auto login to the first webapp without the login-form > promoted to users. > For example, in websphere application server, the following code > could be auto login to the server, If we give the right username and > password pair. > > code begin > ------------------ > LoginContext lc = null; > > try { > lc = new LoginContext("WSLogin", > new WSCallbackHandlerImpl("userName", "password")); > } catch (LoginException le) { > System.out.println("Cannot create LoginContext. " + le.getMessage()); > // Insert the error processing code > } catch(SecurityException se) { > System.out.println("Cannot create LoginContext." + se.getMessage()); > // Insert the error processing code > } > > try { > lc.login(); > } catch (LoginException le) { > System.out.println("Fails to create Subject. " + le.getMessage()); > // Insert the error processing code > ---------------- > code end > > I do not know if tomcat provide some APIs like the above, and we > could use the API to programmic login to the tomcat server. and where > to find the instruction to use the API? > > > Many Thanks! > Zhu quanxin > > > > 2007/9/5, David Delbecq : > >> http://tomcat.apache.org/tomcat-5.5-doc/config/host.html >> >> See section about single-sign. This share credential between webapps. >> >> Note: it's not a "programamtic". It just let all your application share >> a same authentification token. Once you authenticate using J2EE >> compliant method in application X, it's not necessary to login into >> other application Y on same host that is also using J2EE compliant >> authentification mecanism. >> >> En l'instant pr��cis du 05/09/07 16:51, ��ȫ�� s'exprimait en ces termes: >> >>> hi, everyone >>> >>> I meet a problem about programmic login. I setup a tomcat server, >>> and deploy two WAR files (applications) on it. One of the application >>> A is protected by server authentication, and the other application B >>> is not. I want to setup a scenario : when user navigates the >>> application B, he could programmic login to tomcat using username and >>> password that is coded in the application of B, and then he >>> navigates the application A in the same browser, he never needs to >>> response the challenge promoted by application A. >>> >>> I would very appreciate if someone could help me. >>> >>> Thanks >>> >>> Zhu Quanxin >>> >>> --------------------------------------------------------------------- >>> To start a new topic, e-mail: users@tomcat.apache.org >>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org >>> For additional commands, e-mail: users-help@tomcat.apache.org >>> >>> >> -- >> http://www.noooxml.org/ >> >> >> --------------------------------------------------------------------- >> To start a new topic, e-mail: users@tomcat.apache.org >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org >> For additional commands, e-mail: users-help@tomcat.apache.org >> >> >> --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org