I'm trying to protect a directory on my webserver using a servlet instead of
an ACL. For example, I want any request to the directory
http://myhost.com/protected/ to forward to MyServlet, which pops a challenge
box and checks the client's username and password against a database, and
then returns the originally requested page to the client.
I've tried using URL forwarding to map all requests to the protected
directory to MyServlet, but then I have no way of knowing what the original
request was. Does anyone know how to get that info? It doesn't appear to
be in any of the headers.
I've thought of simply forwarding to some index page in the protected
directory, but then subsequent requests to that directory won't work --
they'll be directed back to the index page via MyServlet. Putting the
additional protected content into another directory defeats the purpose of
trying to protect it with a servlet in the first place.
What I really want to do is tell the webserver that when it authenticates,
don't check it against its own ACL -- check it against the response from
MyServlet. So far, I haven't figured out a way to do this.
I'm testing this using NES 3.6 from my NT box, but we'll most likely be
deploying on IIS. Any help would be greatly appreciated.
Thanks,
-- Kyal
----------------------------------------------------
Kyallee Dalrymple [EMAIL PROTECTED]
Software Engineer (303)-277-1997 x108
Polygon Network, Inc. http://www.polygon.net/
----------------------------------------------------
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
