that's what I've been doing...
whenever there's a sec-constraint, orion forwards to my login page; when I
want login without securing, I simple use the login form(or some other
functionally equal) and then login the user programatically (by changing the
action field of the form)
It works, just like MCB said.
JP
> -----Original Message-----
> From: Mike Cannon-Brookes [mailto:[EMAIL PROTECTED]]
> Sent: Jueves, 22 de Febrero de 2001 11:23
> To: Orion-Interest
> Subject: RE: Any way to "forward" to j_security_check?
>
>
> This is very simple to do.
>
> Just grab the RoleManager from java:comp/env/RoleManager I
> think and then
> the method if just RoleManager.login(username, password) -
> see the Orion API
> docs for more info.
>
> Alas there is no standard way to do this defined in the spec.
>
> -mike
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]]On Behalf Of
> > [EMAIL PROTECTED]
> > Sent: Thursday, February 22, 2001 11:27 PM
> > To: Orion-Interest
> > Subject: Any way to "forward" to j_security_check?
> >
> >
> > Does anyone know a way to "forward" to the j_security_check
> processing in
> > Orion ? We use form-based login but have our own processing to do
> > ahead of the
> > standard j_security_check.
> >
> > On J2EE Reference Implementation (and e.g. Weblogic) we post the
> > form to our
> > own servlet instead of j_security_check, then forward from this to
> > j_security_check. This doesn't seem to work on Orion i.e.
> j_security_check
> > doesn't seem to be something one can get a request dispatcher for.
> >
> > Of course, the servlet spec doesn't mandate anything about
> how the server
> > should implement the j_security_check mechanism, so
> potentially it doesn't
> > have to have anything that can be referenced and invoked
> from application
> > code. But it would be useful to be able to.
> >
> > I've also thought about programmatically simulating a post to
> > j_security_check
> > instead of trying to forward to it, but doesn't look simple and
> > not sure this
> > would work on Orion either. Might be helped by Servlet 2.3 but
> > can't move to
> > that yet.
> >
> > Am I just missing some trick to this, or is it not possible on
> > Orion? Or is it
> > related to a bug somewhere ? (n.b. even a normal post to
> j_security_check
> > seems to fail, and to get sign-on to work I have to use Orion's
> > non-standard
> > feature of leaving the action unspecified).
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> > ***********************************
> > NIG
> > The National Insurance &
> > Guarantee Corporation PLC
> >
> > Reg. Office :
> > Crown House
> > 145 City Road
> > London
> > EC1V 1LP
> >
> > Registered in England & Wales No : 42133
> > ***********************************
> > Legal disclaimer :
> > This message is confidential and for use by the addressee
> only. If the
> > message is received by anyone other than the addressee,
> please return
> > the message to the sender by replying to it and then delete
> the message
> > from your computer.
> >
> > NIG does not accept responsibility for changes made to this message
> > after it was sent.
> >
> >
> >
>
>
