Subject: Re: Container Managed Authentication - Form based login
From: "David Bolsover" <[EMAIL PROTECTED]>
===
Rajesh
The solution I use is to have a LoginAction mapped to /login.do - which is a
protected resource - any requests for /login.do will have to pass the
container managed authentication. LoginAction can then do somthing like:
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
con1 = DriverManager.getConnection("jdbc:odbc:xyz", "", "");
UserDAO udao = new UserDAO(con1);
User user =
udao.retrieveUserByUserName(request.getRemoteUser().trim());
request.getSession().setAttribute(Constants.USER, user);
David
[EMAIL PROTECTED]
"Rajesh Kalluri" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Hi All,
>
> I have set up container managed authentication with tomcat with form based
> login.
>
> <login-config>
> <auth-method>FORM</auth-method>
> <form-login-config>
> <form-login-page>/LoginForm.html</form-login-page>
> <form-error-page>/LoginError.html</form-error-page>
> </form-login-config>
> </login-config>
>
> -The entry point to my app is LoginForm.html.
>
> <form method="POST" action="j_security_check">
>
> Username: <input type="text" name="j_username"><br />
> Password: <input type="password" name="j_password"><br />
> <br />
>
> <input type="submit" value="Login">
> <input type="reset" value="Reset">
>
> </form>.
>
> I let Tomcat take care of authenticating the users password and his role.
>
> I want to store the user profile including his email and some other
> information from the database into session scope based on <%=
> request.getRemoteUser() %>.
>
> At what stage is it recomended to do this in a struts application using
> contianer managed authentication.
>
>
> --
> To unsubscribe, e-mail:
<mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail:
<mailto:[EMAIL PROTECTED]>
>
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
