Question: is Server A just static content? If it is and you forward the user
they'll be able to bypass the login so I assume it is not.
Is Server A protecting its content somehow? By web browser ACL? Or do you mean
that the data there is sensitive? I'll assume you mean it's sensitive.
How about adding some parameter to the request before forwarding? Some password
that servlet on A and B agree on?
Or you could use the servlet on B to get each request and then have it do an
HTTP call to servlet A, get the page and send it back to the user without them
ever finding out that it is coming from a different server.
HTH
dave.
Mike Fontenot wrote:
> All,
>
> I have a situation like this:
>
> Web Server A has protected content, I dont have control of Server A, but...
> the owners of server A would like me to provide a level of password
> protection on my web servers (Server B), that when a user successfully logs
> into my Server B, can redirect to the protected content of Server A.
>
> The owners of Server A want the password dialog to pop up only once, when
> the online user first hits my Server B. If all is hunky dory there, I'd like
> to redirect that user to the protected content on Server A.
>
> Something like:
>
> 1. online user tries to load protected resource on Server B (possibly a
> servlet).
>
> 2. user gets login dialog. User enters userid/password. This is verified on
> Server B, if OK, then redirect to the Server A protected content. Do this
> without forcing another authorization dialog to popup from Server B.
>
> Is there a away I can use a servlet to negotiate the authorization to Server
> A based on the successful access to Server B?
>
> Any ideas, suggestion, even if it is not servlet based, would be
> appreciated. Thanks,
> Mike
>
> ========================================
> Mike Fontenot - Object Systems Architect
> Polygon Network, Inc.
> Golden, CO
> ========================================
>
> ___________________________________________________________________________
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
> of the message "signoff SERVLET-INTEREST".
>
> Archives: http://archives.java.sun.com/archives/servlet-interest.html
> Resources: http://java.sun.com/products/servlet/external-resources.html
> LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
--
David Mossakowski [EMAIL PROTECTED]
Programmer 212.310.7275
Instinet Corporation
"I don't sit idly by, I'm planning a big surprise"
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
