Return-Path: X-Original-To: apmail-tomcat-users-archive@www.apache.org Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id A1CFE9071 for ; Fri, 2 Dec 2011 02:31:15 +0000 (UTC) Received: (qmail 108 invoked by uid 500); 2 Dec 2011 02:31:12 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 99847 invoked by uid 500); 2 Dec 2011 02:31:12 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 99838 invoked by uid 99); 2 Dec 2011 02:31:12 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 02 Dec 2011 02:31:12 +0000 X-ASF-Spam-Status: No, hits=1.5 required=5.0 tests=FREEMAIL_FROM,HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of 2ndgenfilms@gmail.com designates 209.85.213.173 as permitted sender) Received: from [209.85.213.173] (HELO mail-yx0-f173.google.com) (209.85.213.173) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 02 Dec 2011 02:31:05 +0000 Received: by yenq3 with SMTP id q3so2984196yen.18 for ; Thu, 01 Dec 2011 18:30:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; bh=h8gzI4wMbqeGhojTNpc/BYQlihdITUbsqtsVtSg7mP0=; b=c14+B8irDzqQ1lOnfzk4mMbSST4QGFLy/YYD0WZvCRwNLsddsk9H+21UJ0EkFO6Q3L BN6qsy43T0X7CJgLeyV9rVCDl4ZjYJ2PWPtSjePr5B4NhS8aYMiqpsbcmG+aBkym4goE Y5Ctc8AvrrpTZAwKHof1q9tpuK6wXMFom3e9Q= MIME-Version: 1.0 Received: by 10.236.78.130 with SMTP id g2mr15474664yhe.79.1322793045081; Thu, 01 Dec 2011 18:30:45 -0800 (PST) Received: by 10.236.70.100 with HTTP; Thu, 1 Dec 2011 18:30:45 -0800 (PST) Date: Thu, 1 Dec 2011 20:30:45 -0600 Message-ID: Subject: Form-based Login question From: Jerry Malcolm <2ndgenfilms@gmail.com> To: users@tomcat.apache.org Content-Type: multipart/alternative; boundary=20cf300fb2b5903c8604b312c1f8 --20cf300fb2b5903c8604b312c1f8 Content-Type: text/plain; charset=ISO-8859-1 I have been using form-based auth for several years. I understand the challenge concept where TC puts up the pre-defined login page when the first page requiring auth is requested. But I have a slightly different situation. I want all of my non-protected pages (guest-level) to include the id/pw fields at the top of the page. At any time when the user chooses to go to the protected area of the site, they enter their id/pw and hit the login button and it takes them to a page in the protected area. Basically, I want to bypass the forced login page if the user entered an id/pw unless obviously the auth failed on the provided id/pw. Is there a way to 'force' provide credentials under the covers at the time the first protected page is requested to get the user signed on without the intermediate login form appearing? Thanks. Jerry --20cf300fb2b5903c8604b312c1f8--