Using a forward to a native j_security_check is indeed an easy way to use the servlet container provided security features. But on the other hand, you're mixing JSF with non-JSF stuff. I was more thinking of using a servlet filter to do the client-login into the security domain when the username and password has been set on the session as attributes. That way the error reporting on a failed login "stays within JSF". Any suggestions here?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3988168#3988168 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3988168 _______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
