tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Albretch Mueller" <lbrt...@gmail.com>
Subject Security Realms and form-login-page
Date Sun, 20 Jan 2008 03:14:33 GMT
 On page 120 of the servlet spec., it is stated referring to the
<form-login-page> element in the <security-constraint> section of an
application's web.xml:
~
 The form-login-page element defines the location in the web app where
the page that can be used for login can be found. The path begins with
a leading / and is interpreted relative to the root of the WAR.
~
 How could you then specify a different (virtual) host accepting only
https connections, that would authenticate the user and then somehow
communicate to the particular webapp Sec Realm so the user is
authenticated?
~
 I think the supposed login page could redirect to that host's login
page, but how could that virtual host redirect back to the regular
pages?
~
 How do some sites out there implement something similar to this?
~
 thanks
 lbrtchx

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message