Dipak, Are you certain that the filter will be invoked on the /j_security_check request when container-based security is used? I have not tested this, but it would not surprise me to find that some containers do not execute filters on /j_security_check requests. I don't know if the Servlet Spec says anything about this case.
Chris, Another alternative to the original problem of security with "remember me" functionality will be available soon. A patch has been submitted to my SecurityFilter project (http://www.securityfilter.org/) to support "remember me" functionality. The integration should be complete soon, and a beta release will be made available once the integration is complete. SecurityFilter works very much like container-managed security otherwise, including the configuration format (except that you declare the constraints in a separate config file rather than web.xml). -Max ----- Original Message ----- From: "Parmar, Dipakkumar" <[EMAIL PROTECTED]> To: "Struts Users Mailing List" <[EMAIL PROTECTED]> Sent: Monday, January 12, 2004 7:43 AM Subject: RE: handling form based authentication w/ remember-me cookie > Hi Chris, > > You can do this using Servlet Filter. What you need to do is write > postLoginFilter that maps to the j_security_check url. > > In doFilter method, you can write your post login code after > j_security_check done is work. > > Something like: > public void doFilter(.....) > > // let the j_security_check to do it's work > chain.doFilter(request, response) > > // do you post login stuff here > > Regards, > Dipak Parmar > > > > -----Original Message----- > From: Chris Ruegger [mailto:[EMAIL PROTECTED] > Sent: Monday, January 12, 2004 9:53 AM > To: Struts Users Mailing List > Subject: handling form based authentication w/ remember-me cookie > > > I am using Struts and building a logon page to do Form-based authentication > under Tomcat. I want to also have a checkbox for the user to check that says > "remember me" so that I can send them a cookie. I'm not sure how to > "intercept" > the form values because I have to post to j_security_check. How can I get > the > check-box value, set up the cookie, and send them to j_security_check with > struts? > > Thanks > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
