I think you can still solve your problem with form-based authentication: 1. rather than storing cookies, you already have the user's username/password (right?) - just use that in BreadCrumbFilter. 2. "j_security_check" is just a URL that tells that appserver to perform authentication. It will still forward to the requested (secure) resource as specified in your web.xml.
HTH, Matt > -----Original Message----- > From: Julie Steiner [mailto:[EMAIL PROTECTED] > Sent: Thursday, February 27, 2003 9:04 AM > To: [EMAIL PROTECTED] > Subject: RE: Automatic Basic Authentication Question > > > Matt, > > Thanks for the info. I really appreciate it. > > However, (unfortunately) I can't implement this solution for 2 > reasons: > > 1. It is forbidden for us to set any cookies on the users machines. > 2. The URL that the user is being forwarded to is out of my control. > (The server was a server set up by our Network Engineers.) > > Any ideas? > > Thanks Again for your time! > > Julie > > > >>> [EMAIL PROTECTED] 02/27/03 10:23AM >>> > You could use form-based authentication and "remember me" > functionality: > > http://tinyurl.com/6du0 > > To see real code: > > LoginServlet.java (http://tinyurl.com/6jn4) > BreadCrumbFilter.java (http://tinyurl.com/6jn8) > > HTH, > > Matt > > > -----Original Message----- > > From: Julie Steiner [mailto:[EMAIL PROTECTED] > > Sent: Thursday, February 27, 2003 8:16 AM > > To: < > > Subject: Automatic Basic Authentication Question > > > > > > Hello all, and thanks in advance for the help! :) > > > > From my Struts Action, I am trying to forward to a new URL that uses > > basic authentication. I have already Authenticated the user, > > and would > > like to pass the user credentials to the webserver so that the > > Authentication form will not 'pop up' . I have attempted to > > put in the > > username:password in the authorization header, but this does > > not seem to > > work as of yet. > > > > This is what I have done so far: > > > > BASE64Encoder encoder = new BASE64Encoder(); > > > > String header = "username" + ":" + "password"; > > String encodedHeader = encoder.encode(header.getBytes()); > > response.addHeader("Authorization", "Basic " + encodedHeader); > > > > return (new ActionForward("my secured site", false)); > > > > > > Thanks Again! > > > > Jules > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > > -------------------------------------------------------------- > --------- > > The contents of this message have been scanned for viruses by > the TruSecure ShadowMail Service, and no viruses were found. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
