I might be able to put some general code in the login form (as a jsp)
that puts all form data present in the previous page into the login form
so it could be passed on, but that will still leave the problem of the
method becomes GET instead of POST.

I'm really hoping there's a more elegant solution - after this
technology's been around for a while!

Yeah, but there are some basic limitations to the container managed security model, and I haven't heard any signs that they are being addressed. For example, container managed security doesn't allow you to present a login form to a user as a component of any page besides the single registered form, and it doesn't allow you to server resources from one path with two different states, "user authorized" or "not authorized"... Both of those are standard in modern webapps, but there's no clean way to handle them using container managed security. (I saw a JDJ article last year that had some work arounds...)

So that said, it may not be surprising that the container managed security model also has no support for continuing the flow of request data to the originally requested URL after logging in.


Joe Germuska [EMAIL PROTECTED] http://blog.germuska.com "Imagine if every Thursday your shoes exploded if you tied them the usual way. This happens to us all the time with computers, and nobody thinks of complaining."
-- Jef Raskin

To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to