Re: Auto Login Using Form Based Authentication
I was using mod_jk as a short-hand for the entire server-suite. There is a Domino connector, but I don't believe that there is a binary for it. You can get the source and compile it from http://jakarta.apache.org/builds/jakarta-tomcat-connectors/jk/release/v1.2.4 /src/. Documentation is at http://jakarta.apache.org/builds/jakarta-tomcat-connectors/jk/release/v1.2.4 /doc/jk/domhowto.html. John Turner [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] mod_jk is strictly for Apache, since the mod typically means Apache module. But JK (AJP13) is a protocol. It can be implemented however you like. There are JK connectors for Apache and IIS, for example. John On Wed, 11 Jun 2003 10:53:37 -0400, vtobin [EMAIL PROTECTED] wrote: Hi Bill and Matt, There are two problems with this: 1) Your Filter will not get called, since authentication happens before Filters (you'd need to use a Valve, but then you are locked into Tomcat) . 2) Unless you are using Tomcat 5.x nightly, Request attibutes won't be available to the login-page for the simple reason that that happens on a different Request. The simplest solution would be to use mod_jk to connect Domino Tomcat and set tomcatAuthentication=false. However, the Domino connector is probably the least tested . Raible, Matt [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] You could put a filter on /* in your app, and if the user is routed to the login page (check the URL for an indexOf(login.jsp)) - then set a request variable containing the parameter you want to save. Matt I'd like to thank you both for responding to my posting. I'm researching your suggestions, though I guess I'll probably have to give up the idea of using a filter based on Bill's information. I'm looking up the info on mod_jk. That was a good lead, though the particulars are still eluding me. I had always thought that mod_jk was strictly for Apache and Tomcat, but if it'll work with Domino, that's great. Val - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Auto Login Using Form Based Authentication
1) Your Filter will not get called, since authentication happens before
Filters (you'd need to use a Valve, but then you are locked into Tomcat).
In my experience, and my current working app, this is not the case. The
following code works for me in a filter (mapped to /*) to auto-login a user:
snip
if ((request.getRequestURL().indexOf(login)) {
// Check to see if we should automatically login the user
// container is routing user to login page, check for remember me cookie
Cookie userCookie = RequestUtil.getCookie(request, username);
String username =
(passCookie != null)
? URLDecoder.decode(userCookie.getValue(), UTF-8) : null;
if ((rememberMe != null) (password != null)) {
// authenticate user without displaying login page
String route = request.getContextPath() +
/j_security_check?j_username= + username
+ j_password= + StringUtil.decodeString(password);
if (log.isDebugEnabled()) {
log.debug(I remember you ' + username
+ ', attempting authentication...);
}
response.sendRedirect(response.encodeRedirectURL(route));
return;
}
}
Matt
/snip
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Auto Login Using Form Based Authentication
Hi Bill and Matt, There are two problems with this: 1) Your Filter will not get called, since authentication happens before Filters (you'd need to use a Valve, but then you are locked into Tomcat). 2) Unless you are using Tomcat 5.x nightly, Request attibutes won't be available to the login-page for the simple reason that that happens on a different Request. The simplest solution would be to use mod_jk to connect Domino Tomcat and set tomcatAuthentication=false. However, the Domino connector is probably the least tested . Raible, Matt [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] You could put a filter on /* in your app, and if the user is routed to the login page (check the URL for an indexOf(login.jsp)) - then set a request variable containing the parameter you want to save. Matt I'd like to thank you both for responding to my posting. I'm researching your suggestions, though I guess I'll probably have to give up the idea of using a filter based on Bill's information. I'm looking up the info on mod_jk. That was a good lead, though the particulars are still eluding me. I had always thought that mod_jk was strictly for Apache and Tomcat, but if it'll work with Domino, that's great. Val - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Auto Login Using Form Based Authentication
mod_jk is strictly for Apache, since the mod typically means Apache module. But JK (AJP13) is a protocol. It can be implemented however you like. There are JK connectors for Apache and IIS, for example. John On Wed, 11 Jun 2003 10:53:37 -0400, vtobin [EMAIL PROTECTED] wrote: Hi Bill and Matt, There are two problems with this: 1) Your Filter will not get called, since authentication happens before Filters (you'd need to use a Valve, but then you are locked into Tomcat) . 2) Unless you are using Tomcat 5.x nightly, Request attibutes won't be available to the login-page for the simple reason that that happens on a different Request. The simplest solution would be to use mod_jk to connect Domino Tomcat and set tomcatAuthentication=false. However, the Domino connector is probably the least tested . Raible, Matt [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] You could put a filter on /* in your app, and if the user is routed to the login page (check the URL for an indexOf(login.jsp)) - then set a request variable containing the parameter you want to save. Matt I'd like to thank you both for responding to my posting. I'm researching your suggestions, though I guess I'll probably have to give up the idea of using a filter based on Bill's information. I'm looking up the info on mod_jk. That was a good lead, though the particulars are still eluding me. I had always thought that mod_jk was strictly for Apache and Tomcat, but if it'll work with Domino, that's great. Val - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Auto Login Using Form Based Authentication
You could put a filter on /* in your app, and if the user is routed to the login page (check the URL for an indexOf(login.jsp)) - then set a request variable containing the parameter you want to save. Matt -Original Message- From: Val T. [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 10, 2003 12:46 PM To: Tomcat Users List Subject: Auto Login Using Form Based Authentication Hi, I have an atypical situation in that I am trying to auto login users from another system (a Lotus Domino system) when they connect to my JSP application. I am using Tomcat 4.1.18 and have form based authentication working on it. I would prefer if the users did not have to explicitly login, because, as far as they are concerned, it's all part of the same application. Here is what I was hoping to be able to do: The user, who is already logged in on the Domino system, clicks on the link to my application. The link contains the user's UserID, as a parameter. The page they are linking to is in a restricted area, so Tomcat serves up the login page, which takes the UID parameter, retrieves the related password from the database, and logs the user in onload. I have it all working beautifully, EXCEPT that I can't seem to be able to retrieve the parameter from the URL. I suspect that it is lost when, instead of serving up the destination page, Tomcat serves up the login page instead. Is there a way to pass a parameter to the login page? I think the issue is the fact that you can't just call the login page directly. Does anyone see a way around this? I was thinking that maybe I'd have to link to an index page first, and then write a cookie, which I'd have to access from the login page. That seems like such a round-about way to go, when it would be so much simpler to just grab a parameter from the URL. Thanks in advance for any advice. Val - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Auto Login Using Form Based Authentication
There are two problems with this: 1) Your Filter will not get called, since authentication happens before Filters (you'd need to use a Valve, but then you are locked into Tomcat). 2) Unless you are using Tomcat 5.x nightly, Request attibutes won't be available to the login-page for the simple reason that that happens on a different Request. The simplest solution would be to use mod_jk to connect Domino Tomcat and set tomcatAuthentication=false. However, the Domino connector is probably the least tested . Raible, Matt [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] You could put a filter on /* in your app, and if the user is routed to the login page (check the URL for an indexOf(login.jsp)) - then set a request variable containing the parameter you want to save. Matt -Original Message- From: Val T. [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 10, 2003 12:46 PM To: Tomcat Users List Subject: Auto Login Using Form Based Authentication Hi, I have an atypical situation in that I am trying to auto login users from another system (a Lotus Domino system) when they connect to my JSP application. I am using Tomcat 4.1.18 and have form based authentication working on it. I would prefer if the users did not have to explicitly login, because, as far as they are concerned, it's all part of the same application. Here is what I was hoping to be able to do: The user, who is already logged in on the Domino system, clicks on the link to my application. The link contains the user's UserID, as a parameter. The page they are linking to is in a restricted area, so Tomcat serves up the login page, which takes the UID parameter, retrieves the related password from the database, and logs the user in onload. I have it all working beautifully, EXCEPT that I can't seem to be able to retrieve the parameter from the URL. I suspect that it is lost when, instead of serving up the destination page, Tomcat serves up the login page instead. Is there a way to pass a parameter to the login page? I think the issue is the fact that you can't just call the login page directly. Does anyone see a way around this? I was thinking that maybe I'd have to link to an index page first, and then write a cookie, which I'd have to access from the login page. That seems like such a round-about way to go, when it would be so much simpler to just grab a parameter from the URL. Thanks in advance for any advice. Val - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
