A way to do this, starting 4.0.4.GA is to provide your own authenticator for FORM based authentication.
http://wiki.jboss.org/wiki/Wiki.jsp?page=ExternalizeTomcatAuthenticators Your authenticator can weave in authentication to include the 3rd parameter, along with the standard authentication. Your authenticator will extend the FORM authenticator and will have to override the following method: http://tomcat.apache.org/tomcat-5.5-doc/catalina/docs/api/org/apache/catalina/authenticator/AuthenticatorBase.html#authenticate(org.apache.catalina.connector.Request,%20org.apache.catalina.connector.Response,%20org.apache.catalina.deploy.LoginConfig) Your 3rd parameter will be available in the Catalina Request object. Note that you will need to retain the standard form in your html/jsp page while having a custom parameter. I have said enough. Maybe somebody else (Chris??) can expand on this. If what I am saying is convoluted, do application based security. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3942034#3942034 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3942034 ------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ JBoss-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/jboss-user
