Re: Form Based Authorization Question

Thu, 11 Jan 2001 14:52:16 -0800 

Hi,

Thanks for responding.  I'm not sure what you mean exactly.  If you mean
grab the Referer header, that isn't working (and I thought that only
worked when you clicked on a link on some page that took you to the
current page).  getHeader("Referer") is returning null after a
redirect.  I thought there was some way to figure out what the original
location was after a redirect? Do you, or does anyone know what it is?

Thanks,
David

Michael Wentzel wrote:
> 
> > I am implementing the Java Servlet Form based login mechanism
> > in my web
> > application, and had a question.  Is it possible for me to have a
> > "default location" that a user goes to when they login?  In many
> > instances, a user will go directly to the login JSP, rather than
> > requesting a web resource first (which then causes Tomcat to
> > display the
> > login page, and then redirect back to the resource after
> > authentication).  If they haven't requested a resource, I'd like the
> > login to take them to their "home" (different roles have
> > different homes
> > in my application).  The only way I see right now is to check
> > and see if
> > session.getAttribute( "tomcat.auth.originalLocation" ) is
> > null, but that
> > seems rather naughty... is this the only way of doing it.  I have
> > written my own Realm object (that extends BaseInterceptor) for
> > authentication/authorization purposes.  Could something be done in
> > there?
> 
> One solution to to check the referring document and see if it's a valid
> one otherwise go to default for user determined from database.
> 
>  ---
> Michael Wentzel
> Software Developer
> <A HREF="http://www.aswethink.com">Software As We Think</A>
> <A HREF="mailto:[EMAIL PROTECTED]">Michael Wentzel</A>
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, email: [EMAIL PROTECTED]

-- 
David Haraburda - [EMAIL PROTECTED]
Outsourcing Center - Providing Insight Into Outsourcing
972-980-0013 x736

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]

Reply via email to