Alfonso Urdaneta <[EMAIL PROTECTED]> wrote:
>Erik Hanson wrote:
>
>> Here's how you could do this without chaining:
>>
>> Create a servlet called AuthServlet that does your authentication for
HTML
>> pages. Alias it to "*.html" or "/" or whatever you want so all requests
go
>> through it. Its service method would look something like this:
>>
>> public void service( ServletRequest req, ServletResponse res )
>> {
>> MyAuthenticationClass.doAuthentication( req, res );
>> }
>>
>> Now, at the beginning of the service (or doPost or doGet or whatever)
method
>> of all of your other servlets, add this line:
>>
>> MyAuthenticationClass.doAuthentication( req, res );
>>
>> Authentication will now happen whether an HTML file or a servlet is being
>> called. It's a tiny bit of extra work (adding that one line of code to
every
>> servlet), but it will work on all servers.
>>
>
>Are you sure that will work ? It seems that the "/" mapping will break
>.shtml pages.
Aliasing to "/" may not work; I haven't tried it. Here we just alias it to
"*.html" and "*.htm" because we don't have any other file types. And we do
things a bit differently anyway.
My point is that you should do whatever you normally do for authentication,
except you should move the authentication code into a separate class so it
can be called from both your authentication servlet and all of your other
servlets, thereby eliminating the need for chaining.
Erik
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
