tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: Reusing form configured in form based authentication
Date Thu, 15 Jan 2009 15:50:34 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Charl,

Charl Gerber wrote:
> I have an application using form based authentication. Is it possible
> to use the same form as a "stand-alone" login screen?

Tomcat does not allow this use case because it is not covered by the
servlet specification. According to the spec, the only supported use
case is to have the remote user request a protected page, then challenge
them for credentials, etc.

If you want to allow drive-by logins, one option is to use
securityfilter (http://securityfilter.sourceforge.net/) which is a
(relatively) drop-in replacement for container-managed authentication
and authorization.

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAklvW0oACgkQ9CaO5/Lv0PA1EACgm+TzeShSNEBLGGScxFxVqOyi
Pg0AoL3jLf8KBqW7cFS3IvDr875hCCG1
=Geln
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message