Thanxs for the hint.
I could also think of a more portable solution to this problem.
If it is just to provide single sign-on, I would, from within the
client-servlet, first access any page known to be form-based login-proteced
and reply with a post containing j_username and j_password. Store the
session cookie in your servlet. Ignore the response.
Then it now comes to access the protected resource, rather than packaging
user-credentials into the request just set the cookie in the http-header and
You are done.
This has the added benefit that Your servlet may login over https while
accessing the protected resource over faster http. And it works with any
J2EE server.
Bye,
Falk
----- Original Message -----
Subject: RE: HELP!!! - Using UserManagers - Logging in users without asking
for credentials
> You want to use the RoleManager:
> Context ctx = new InitialContext();
> RoleManager roleMan =
> (RoleManager)ctx.lookup("java:comp/RoleManager");
> try
> {
> roleMan.login(memberName, password);
> }
> catch (SecurityException ex)
> {
> return false;
> }
> return true;
> -----Original Message-----
> From: Chris Evans [mailto:[EMAIL PROTECTED]]
> servlet accept requests from another website. Balled up in that request
> would be user credentials(ie: username, password, etc...). From the
