I'm no expert on it, but if you wanted to do a complete end-run around JRun's J2EE-based security, how about JAAS?: http://java.sun.com/products/jaas/ Phil, it sounds like you want to combine J2EE and other auth mechanisms, i.e., use J2EE authentication-specific components but tying into non-J2EE authentication services. You should be able to do that by implementing the JRun authentication interface: JRun Javadoc (Win32 path): %JRUN_HOME%\docs\api\jrun\allaire\jrun\security\package-summary.html But since you've combed through the docs, there must be some subtlety I'm overlooking in your requirements (or maybe not so subtle and I'm just no getting it :-). Scott Stirling Allaire Corporation http://www.allaire.com/developer/jrunreferencedesk/ > -----Original Message----- > From: Rhodes, Phillip C. [mailto:[EMAIL PROTECTED]] > Sent: Monday, February 05, 2001 5:30 AM > To: JRun-Talk > Subject: RE: JRun 3.0 programatic login > > > This approach would work if you want to operate outside the > JRun security > mechanisms and programmatically handle all security yourself. > It will not > work if you want to allow JRun to protect your resources > (e.g. declarative > security via web.xml) > > > I think the question is about how to hook into JRun to do this. > > Typical scenario: > 1) User completes a registration page, clicks "submit", > information is > entered into database, ldap, etc. > 2) In the same request, servlet programmatically calls to > JRun to login > user (request.getUserPrincipal() is instantiated) > 3) User can now access resources as an authenticated user. > For example, > use can now access urls protected in web.xml via <security-constraint> > WITHOUT being presented with a login prompt. > > > I am interested in resolving this question also. I combed > through the docs > and archives and there is nothing on this. > > I do not think JRun provides a means to do this at present. > They would have > said something by now. I have seen this question asked before. > > > > > > -----Original Message----- > From: Matt Goss [mailto:[EMAIL PROTECTED]] > Sent: Friday, January 26, 2001 9:31 AM > To: JRun-Talk > Subject: Re: JRun 3.0 programatic login > > > Budi, > Try writing your own login servlet that accepts a cookie. > Then you can set > the cookie on registration. > Matt Goss > > Budi Prawira wrote: > > > Is it possible to programatically log in a user, without doing > > BASIC/FORM/DIGEST authentication? > > I'm developing a project in which user can register to > become a member. > Once > > the user is registered, he is automatically logged in > (without having to > > enter his newly created username/password). > > I saw an example of doing this in JPS 1.1 (using J2EE RI), > but I use JRun > > 3.0 to develop my project. Can I do it in JRun 3.0. > > > > Anyone? > > > > Budi ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
