Hello,
We're currently using form-based authentication (i.e.
auth-methodFORM/auth-method) but, as I suspect many people have
found, it's rather limited.
One requirement we have is enforced password changes in certain
scenarios. Currently the approach we were thinking of using is as
follows:
-Original Message-
From: Caldarale, Charles R [mailto:[EMAIL PROTECTED]
Sent: 11 October 2005 17:18
To: Tomcat Users List
Subject: RE: Form Based Authentication
From: Peter Bright [mailto:[EMAIL PROTECTED]
Subject: Form Based Authentication
It's point (c) that's proving
-Original Message-
From: Caldarale, Charles R [mailto:[EMAIL PROTECTED]
Sent: 11 October 2005 17:23
To: Tomcat Users List
Subject: RE: Form Based Authentication
From: Peter Bright [mailto:[EMAIL PROTECTED]
Subject: RE: Form Based Authentication
It's point (c
