Johann Uhrmann wrote:
Hello,
I am writing a single-sign-on filter that uses cookies and
a request-wrapper in order to fake a form-based login in
case the user is already authenticated in another web application.
The filter needs some internal structures to perform the single-sign-on
process, e.g.
Johann Uhrmann wrote:
Johann Uhrmann wrote:
Hello,
I am writing a single-sign-on filter that uses cookies and
...
after reviewing my logs, it seems that session objects are being
recycled by the server and the id is set to null while they are
not in use.
Is that correct?
I think so. But in
Hello,
I am writing a single-sign-on filter that uses cookies and
a request-wrapper in order to fake a form-based login in
case the user is already authenticated in another web application.
The filter needs some internal structures to perform the single-sign-on
process, e.g. a map that associates
Before going farthar, have you looked at the Single Sign On valve?
If you are using container managed security(such as form authentication),
those contraints are executed before the filter chain is ever made.
(Otherwise) I am unsure of the semantics of getId() without re-reading the
javadocs
Tim Funk wrote:
Before going farthar, have you looked at the Single Sign On valve?
If you are using container managed security(such as form
authentication), those contraints are executed before the filter chain
is ever made.
Unfortunately, I cannot use container managed security because I have
