James Ward wrote:
Erik,
Thanks for the response.  I am just not sure how to do this with form
based auth and the j_security_check stuff.  Any help would be greatly
appreciated.


Hmm....

Well, if form-based auth didn't expect a POST request with the login credentials, you could just call sendRedirect with GET parameters in a URL like "server.com/j_security_check?J_USERNAME=jward&J_PASSWORD=secret".

The only way I can think of doing it would be kind of an ugly hack, but it might work. You can open a socket directly connecting to the server and hand-create a string-based HTTP POST request yourself by typing in the headers, followed by two newlines, followed by "J_USERNAME=jward&J_PASSWORD=secret".

The problem is that I don't know how you would capture the response -- in fact, I don't this would work after all. It would submit the POST request but the browser wouldn't be updated that it is now privileged to access the protected resources. So I don't know if it's possible using CMA after all... I take it all back.


Apologies,


Erik



-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

Reply via email to