dan benanav wrote:
> You may be misunderstanding the spec and agreeing to soon here. The
> spec does not handle the case where you want the user to log in from
> a non protected resource and to allow the user to log in at any
> time.
> The spec states how one would force a login page to appear if the
> user accesses a protected resource but does not define a standard
> way to log the user in.
To provide a way for the user to explicitly choose to log-in, how
about doing this:
Create a link on the home-page (or wherever) to
<a href="http://mysite.com/ensureLoggedIn">Login</a>.
Declare /ensureLoggedIn to be a protected resource. Then when the
user follows that link from the home-page, he will be prompted to
log-in, presumably by redirecting to the login page with the
j_securitycheck HTML form.
After successfully logging in, the user will then be brought to the
/ensureLoggedIn page, which will say something like ``Congrats, Joe,
you are now logged in. Click here to go back to the home-page.''
- Rujith.
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
