Hi CJ:
If you are planning on doing un/pw checking via a form/servlet/dbtables, why
then would you *also* need to secure the folder (using basic challenge
authentication)? Why not simply redirect to an "ordinary" folder, rewrite all
the .html files in the folder as .jsp files and ensure at the top of the jsp
files that if the required session variables are not set, then you redirect to
the login page. Once the required session vars are set (in the login.jsp) you
can go merrily on your way.. Hope this makes sense. (;-)
Geeta
CJ Smessaert wrote:
> i'm trying to accomplish the following:
>
> implement a single sign-on html form which would, upon submission, check if
> the username/password pair is a valid user via a database call, potentially
> check if the user is a valid user on the network (NT), and if determined to
> be a valid user, set valid http headers and sessions, then redirect the user
> to a folder secured by 'basic challenge' authentication. the goal is to
> avoid the standard login prompt (ugly, intrusive).
>
> anyone have insight on how to programatically set the headers? any catches?
>
> CJ Smessaert
> Ignition State
> http://www.ignitionstate.com
> 312.948.5110 (v)
> 312.648.8615 (f)
> 312.399.1262 (c)
>
> ___________________________________________________________________________
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
> of the message "signoff SERVLET-INTEREST".
>
> Archives: http://archives.java.sun.com/archives/servlet-interest.html
> Resources: http://java.sun.com/products/servlet/external-resources.html
> LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
