-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Stephen,
Stephen More wrote:
> Both of these would require a Filter that checks for the existence of
> the role "expiredPassword" and redirect as needed.
Yes. That's why I did it myself all in a single filter (including
loading the user's state, rath
I just find it hard to believe that there is no open-source
project/library to mange users that includes the above functionality.
Web server logins are dismal across the board, but its so easy to write
a filter so I think nobody bothered.
Peter
Stephen More wrote:
On 8/22/07, Christopher Sc
On 8/22/07, Christopher Schultz <[EMAIL PROTECTED]> wrote:
> 1. Checks to see if the Session exists and has a Principal.
> 2. Checks to see if the Session contains my "User" object.
>If not, it loads the User object and performs the "real" login
>(as opposed to the basic authentication prov
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Stephen,
Stephen More wrote:
> On 8/21/07, Christopher Schultz <[EMAIL PROTECTED]> wrote:
>> Stephen More wrote:
>>> Has anyone written or know of a JDBCRealm that supports an expired password
>>> ?
>> Do you mean that you want expired-password-users
Hi Steven
You are limited as to what logic the realm performs automatically,
checking for expired passwords requires some manual work on your side.
You might want to look at implementing a JAASRealm, and your own login
module:
See the bottom of this page:
http://tomcat.apache.org/tomcat-5.5-
In looking at the docs:
http://tomcat.apache.org/tomcat-5.5-doc/config/realm.html
there is no Attribute for "userCredExpireCol". How do I configure the
JDBCRealm to look at an expiration column ?
-Steve
On 8/22/07, Peter Stavrinides <[EMAIL PROTECTED]> wrote:
> I also didn't understand exactly w
I also didn't understand exactly what you mean, but 'JDBCRealm'... implies
using a database, so the simple way is to redirect and use a web form to change
it, which is easy enough. If you don't want to use a web form then its an
entirely different story, I assume some sort of extension or custo
On 8/21/07, Christopher Schultz <[EMAIL PROTECTED]> wrote:
> Stephen More wrote:
> > Has anyone written or know of a JDBCRealm that supports an expired password
> > ?
>
> Do you mean that you want expired-password-users to be forced to change
> their password before doing anything else?
Yes, this
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Stephen,
Stephen More wrote:
> Has anyone written or know of a JDBCRealm that supports an expired password ?
Can you phrase that in a different way? I wouldn't want my JDBCRealm to
allow expired passwords to be used.
Do you mean that you want expire
Has anyone written or know of a JDBCRealm that supports an expired password ?
-Thanks
Steve More
-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [
10 matches
Mail list logo