On Jan 13, 2004, at 12:42 AM, Craig R. McClanahan wrote:
Filters are *not* required to be invoked on j_security_check invocations. In
fact, Tomcat won't even enable the "j_security_check" url unless an
unauthenticated user accesses a protected resource. Basically, I believe there
is no guaranteed-to-be-portable way to implement "remember me" functionality on
the server using container managed security.
Craig
The Filter I use is mapped to the location of the <form-login-page>. The solution I use does work on both Tomcat 4/5 and Resin, which is portable enough for me! I did have to add <dispatcher>FORWARD</dispatcher> for Tomcat 5 and Resin, where the login page is displayed using a forward instead of a redirect.
Matt
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
