Does the realm have access to the session? Because informations i need in webapp is taken from where the realms does it's authentification.
I my case, the realm access a NIS to check user passwoard, and informations such as fullname, phone and email, are alos in this nis. I do not want the webapp to also access directly the nis. Le Lundi 6 Juin 2005 12:48, QM a écrit : > On Mon, Jun 06, 2005 at 11:36:11AM +0200, delbd wrote: > : I had to write my own realm implementation to authenticate users. > : Now am faced with a problem, this realm contains additionnal datas on the > : user, like email, fullname, office telephone number. > : I'd like to pass this informations to the webapplication, however am not > : sure how to do this. > > Let's take a step back: is the extra info used to authenticate the user? > or is it used by the webapp itself, after the user has logged in? > > In the latter case, you can store a user-specific object in the session > after the user logs in. Many people write a ServletFilter that checks > for said object and, if it doesn't exist, creates/populates it. > > (Of course, the filter should only be mapped to protected areas; it is > otherwise of limited value ;) > > -QM -- David Delbecq Royal Meteorological Institute of Belgium - Is there life after /sbin/halt -p? --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
