I think my problem is now quite clear. Can anybody pls suggest any solution?
> ----------
> From: Sudarson_Pratihar[SMTP:[EMAIL PROTECTED]]
> Reply To: A mailing list for discussion about Sun Microsystem's Java
> Servlet API Technology.
> Sent: Sunday, April 15, 2001 4:26 PM
> To: [EMAIL PROTECTED]
> Subject: Re: How to supply credentials for J2ee Security Realm in
> form b ased authentications of web based application
>
> Thanks to you and Jason both.
>
> I think I haven't framed the question correctly. Anyway, I'm highlighting
> the points once again that I want to clarify.
>
> 1. I want use security realms talked in j2ee and as provided by weblogic
> 5.1
> ,too.
>
> 2. In using security realm, we can specify different accesses of groups
> and
> users to the particular servlet or JSP.In that scenario, normally browser
> promts for authentication and uses that authentication thru out the
> session
> for authorization to particular realm as and when required.
>
> 3. At the same time, the login procedure I'm using is form based. And
> don't
> want that browser will pop up ugly dialog box for authentication. In
> stead,
> the authentication supplied at the time of log in is supplied
> programatically(or whatever way may be) to the server for authorization as
> and when asked by the realm.
>
> 4. I have once again gone thru the avaliable edition of Jason's book(not
> latest one). And found what that book talking about setting particular
> flag
> and using that flag programatically to check whther the user have logged
> in
> or not. But that doesn't talk about the authorization thru security realm.
> That is a user logged in doesn't mean he is allowed to access the
> particular servlet. This is a obvious scenarion when you are restricting
> some resources , say to public users-- only user paying for the service
> may
> be allowed only. And once again using security realm that can be done very
> easily as there is a concept of giving ceratin access to groups so that we
> can make some groups and whenever the users are registered, we can include
> them into particular group. But the only problem is that server(actually
> ream) will ask browser to give the authentication and browser will either
> give the login user has provided at the login time or if hasn't provide
> yet
> then prompt for authentication for particular realm. And I want to avoid
> that and would like to supply credentials supplied by user in form based
> login whenever realm asks for authentication.
>
> Is that possible?
>
> Hope I have clarified my question correctly.
>
> Thanks and Regards,
> Sudarson
>
> > ----------
> > From: Mark Galbreath[SMTP:[EMAIL PROTECTED]]
> > Reply To: Mark Galbreath
> > Sent: Sunday, April 15, 2001 4:23 AM
> > To: [EMAIL PROTECTED]
> > Subject: Re: How to supply credentials for J2ee Security Realm in
> > form b ased authentications of web based application
> >
> > Then you need to refine your question. As you state your need,
> > the reference to Jason's book should cover exactly what you are
> > trying to do.
> >
> > Cheers!
> > Mark
> >
> > ----- Original Message -----
> > From: "Sudarson_Pratihar" <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Saturday, April 14, 2001 5:42 AM
> > Subject: Re: How to supply credentials for J2ee Security Realm in
> > form b ased authentications of web based application
> >
> >
> > > Is it the book of oreilly publications? If not, pls tell me
> > whether the soft
> > > copy of the book is availble in web.
> > >
> > > If it is the oreilly one, I haven't find any feasible solution.
> > > > ----------
> > > > From: Mark Galbreath[SMTP:[EMAIL PROTECTED]]
> > > > Reply To: Mark Galbreath
> > > > Sent: Saturday, April 14, 2001 12:47 AM
> > > > To: [EMAIL PROTECTED]
> > > > Subject: Re: How to supply credentials for J2ee
> > Security Realm in
> > > > form based authentications of web based
> > application
> > > >
> > > > See Jason Hunter's "Java Servlet Programming," pp. 227ff.
> > > >
> > > > Cheers!
> > > > Mark
> > > >
> > > > ----- Original Message -----
> > > > From: "Sudarson_Pratihar" <[EMAIL PROTECTED]>
> > > > To: <[EMAIL PROTECTED]>
> > > > Sent: Friday, April 13, 2001 2:00 AM
> > > > Subject: How to supply credentials for J2ee Security Realm in
> > > > form based authentications of web based application
> > > >
> > > >
> > > > > Hi All,
> > > > >
> > > > > As we all know that in in J2EE we can set acls also to
> > servlets
> > > > , jsps. And
> > > > > the credentials is supplied by browser in case of web based
> > > > application. And
> > > > > that is only possible if we use authentication process of
> > > > browser, so that
> > > > > browser will pop up authentication dialog box for
> > particular
> > > > realm. But if
> > > > > I'm using a formbased authentication(as it is for
> > comfortable
> > > > for end
> > > > > users), how can I pass the credentials and how can maintain
> > the
> > > > credentials
> > > > > over the entire session so that whenver web server asks for
> > the
> > > > > authentications for authorizng the user to access the
> > servlet
> > > > or jsp, the
> > > > > credentials will be supplied. So that browser won't pop up
> > > > dialog box.
> > > > >
> > > > >
> > > > > One more point, if cetificate based authentication is being
> > > > used, how to use
> > > > > for the realms.
> > > > >
> > > > > Pls do give your suggestion.
> > > > >
> > > > > Thnaks and Regards,
> > > > > Sudarson
> > > > >
> > > > >
> > > >
> > _________________________________________________________________
> > > > __________
> > > > > To unsubscribe, send email to [EMAIL PROTECTED] and
> > include
> > > > in the body
> > > > > of the message "signoff SERVLET-INTEREST".
> > > > >
> > > > > Archives:
> > > > http://archives.java.sun.com/archives/servlet-interest.html
> > > > > Resources:
> > > > http://java.sun.com/products/servlet/external-resources.html
> > > > > LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
> > > > >
> > > >
> > > >
> > _________________________________________________________________
> > _________
> > > > _
> > > > To unsubscribe, send email to [EMAIL PROTECTED] and
> > include in the
> > > > body
> > > > of the message "signoff SERVLET-INTEREST".
> > > >
> > > > Archives:
> > http://archives.java.sun.com/archives/servlet-interest.html
> > > > Resources:
> > http://java.sun.com/products/servlet/external-resources.html
> > > > LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
> > > >
> > >
> > >
> > _________________________________________________________________
> > __________
> > > To unsubscribe, send email to [EMAIL PROTECTED] and include
> > in the body
> > > of the message "signoff SERVLET-INTEREST".
> > >
> > > Archives:
> > http://archives.java.sun.com/archives/servlet-interest.html
> > > Resources:
> > http://java.sun.com/products/servlet/external-resources.html
> > > LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
> > >
> >
> >
> __________________________________________________________________________
> > _
> > To unsubscribe, send email to [EMAIL PROTECTED] and include in the
> > body
> > of the message "signoff SERVLET-INTEREST".
> >
> > Archives: http://archives.java.sun.com/archives/servlet-interest.html
> > Resources: http://java.sun.com/products/servlet/external-resources.html
> > LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
> >
>
> __________________________________________________________________________
> _
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the
> body
> of the message "signoff SERVLET-INTEREST".
>
> Archives: http://archives.java.sun.com/archives/servlet-interest.html
> Resources: http://java.sun.com/products/servlet/external-resources.html
> LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
>
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
