Add 1 Nota Bene: "objects in request scope are lost on a redirect, but remain in scope after a forward..." -Martin
----- Original Message ----- From: "Matt Raible" <[EMAIL PROTECTED]> To: "Struts Users Mailing List" <[EMAIL PROTECTED]> Sent: Tuesday, January 13, 2004 7:05 AM Subject: Re: handling form based authentication w/ remember-me cookie > > On Jan 13, 2004, at 12:42 AM, Craig R. McClanahan wrote: > > > > Filters are *not* required to be invoked on j_security_check > > invocations. In > > fact, Tomcat won't even enable the "j_security_check" url unless an > > unauthenticated user accesses a protected resource. Basically, I > > believe there > > is no guaranteed-to-be-portable way to implement "remember me" > > functionality on > > the server using container managed security. > > > > Craig > > The Filter I use is mapped to the location of the <form-login-page>. > The solution I use does work on both Tomcat 4/5 and Resin, which is > portable enough for me! I did have to add > <dispatcher>FORWARD</dispatcher> for Tomcat 5 and Resin, where the > login page is displayed using a forward instead of a redirect. > > Matt > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]