tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jeff Tulley" <JTUL...@novell.com>
Subject [Patch] immediate usage of j_username and j_password in form at login time
Date Thu, 15 May 2003 00:10:27 GMT
When another web application wants to do a seamless login to another
secured context, one option is to submit a form that contains the
"j_username" and "j_password" form values.  This patch checks if these
exist before doing a redirect to the login page, and if they do, it
attempts authentication.  Upon success, execution proceeds onto the
orginally-requested page as if the user had already been logged in at
the time of the request.

I see no issues with committing such a thing to Tomcat 4.1.x, but I may
be missing something.

Thanks,

Jeff Tulley  (jtulley@novell.com)
(801)861-5322
Novell, Inc., The Leading Provider of Net Business Solutions
http://www.novell.com

Mime
View raw message