Re: basic authentication and servlets

Tue, 15 Aug 2000 22:11:57 -0700 

I have the same problem... I authenticate users(members) via a servlet from our 
corporate db and would then like to set the Authorise header so that the user can 
access a series of protected pages on our web site. I don't want to authenticate with 
the web server because we have over 60K members. I really only want to provide user 
authentication for member pages outside of my application requiring lightweight 
protection, all of the data updates, member data and ecommerce stuff happens via 
servlet and ssl.

Any suggestions appreciated.

Steve Irwin
Senior Web Developer
Stepsoft Pty Ltd
+61 2 62706580

>>> Jake Brain <[EMAIL PROTECTED]> 08/09 3:03 am >>>
I don't want Apache handle all authentication because that means the client
has to enter credentials in a pop up window, which does not look nice
compared to a nice log in page. But someone must know how to tell apache this
client has authenticated. I am surpised there is no setAuthorization method
in servlet API. After reading the Oreilly book, I thought l could make login
servlet unprotected. If the user is valid,   I could user URLConnection which
has setRequestProperty ( to use for authentication). With UrlConn I set thte
authorization header, and read a protected file. But will Apache be duped
into thinking the Auth header from urlConn is the authHeader from the client?
Any ideas.
In a message dated 8/8/00 11:10:29 AM Eastern Daylight Time,
[EMAIL PROTECTED] writes:

<<      I would assume that the authentication is all or nothing.  Why not
 just have Apache handle the authentication, and grab the username from the
 environment?
  >>

___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".

Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html

___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".

Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html

Reply via email to