----------------------------------------------------------------
BEFORE YOU POST, search the faq at <http://java.apache.org/faq/>
WHEN YOU POST, include all relevant version numbers, log files,
and configuration files. Don't make us guess your problem!!!
----------------------------------------------------------------
Hi David,
You can try to set the Authentication header from the LoginServlet with
response.setHeader("Authorization","Basic usernameandpasswbase64encoded");
where usernameandpasswbase64encoded should be the
'username:password' ( : is needed ) encoded with Base64 algoritm.
username and passwords should be a valid user and pwd wich You can access
the protected
files with .htaccess.
Mybe a realm setting is involved too.
NOTE: i have never tried this out only reverse:
reading Authorization header and decoding with the sun.misc.Base64Decoder
class.
SO MAYBE WHAT I AM SAYING IS NOT TRUE :)
Check for a Base64encoder algoritm on the Internet, You will find one.
If NOT send me an e-mail and i will send you one.
p.s. If you don't understand something feel free to contact me.
Best wishes,
Andras.
----- Original Message -----
From: David Molloy <[EMAIL PROTECTED]>
To: Java Apache Users <[EMAIL PROTECTED]>
Sent: Wednesday, May 10, 2000 5:34 PM
Subject: HTTP Authentication and Servlets
> ----------------------------------------------------------------
> BEFORE YOU POST, search the faq at <http://java.apache.org/faq/>
> WHEN YOU POST, include all relevant version numbers, log files,
> and configuration files. Don't make us guess your problem!!!
> ----------------------------------------------------------------
>
> Hey,
> I'm looking at authenticating in two ways:
> 1. Authenticate directories using normal .htpasswd stuff..fine.
> 2. Authenticate from a login form for access to certain servlets
> etc... fine using something along the lines of Hunter's
> LoginHandler / Protected Resource servlet examples.
>
> With JServ/Servlets is it possible to perform both at once.
> For example... can a form be made where the user logs in and
> they are authenticated in both the session (for other servlets)
> and also it causes them to have logged in automatically for
> any .htaccess directories? I just don't know if/how it can
> be done and I'm relatively new to it all.
>
> Thanks for any help anyone might have.
> David Molloy
>
> PS: Solaris/JServ combo, Apache 1.3.6, htpasswd version 2.0
>
> The Application Spam :)
> The system is intended to run on a college server where I am
> writing a bunch of facilities where lecturers can access
> database student records, create assessments, mailing lists etc.
> At the same time I want to write a facility where lecturers can
> protect certain lecture notes directories via a html form, without
> any knowledge of .htpasswd etc. Ie. the form/servlet writes the
> .htpasswd/.htaccess files.
> Certain students/lecturers will be able to view certain directories
> as well as use certain servlets etc. I don't want everyone to have
> to log in twice for documents and servlets. So I'm essentially
> looking for a way that when people come to our intranet they log
> in once at the login page (which is automatically called if they
> try to access protected servlets/html) and it authenticates them
> for both that session and for document directories (.htaccess) on
> our intranet. If anyone who has read this far can think of a better
> way I'd be very interested... again I'm pretty new to this stuff.
>
>
>
> --
> --------------------------------------------------------------
> Please read the FAQ! <http://java.apache.org/faq/>
> To subscribe: [EMAIL PROTECTED]
> To unsubscribe: [EMAIL PROTECTED]
> Archives and Other: <http://java.apache.org/main/mail.html>
> Problems?: [EMAIL PROTECTED]
--
--------------------------------------------------------------
Please read the FAQ! <http://java.apache.org/faq/>
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Archives and Other: <http://java.apache.org/main/mail.html>
Problems?: [EMAIL PROTECTED]
