if you develop a JAAS login module, you can get it to do pretty much anything you want, apart from having instant access to that user's session. You could write the login attempts to a database for instance.
Adam
On 01/31/2004 11:51 PM Tim Funk wrote:
Yeah. Use a Valve. A Valve is just like a filter but is tomcat dependent and is issued before any filters are invoked.
Any such functionality your looking for is NOT Servlet spec specific so whatever solution you use - you'll be locked into that container.
-Tim
Frank Febbraro wrote:
Well that sucks :-(
Any change that in the future Tomcat can have somethign silimar to the
auth-filter in WebLogic...basically just a way to hookup (via interface) a
class that can be notified of these events?
Guess I need to break out my papers and roll my own....again.
For those with problems such as these, check out http://opensource.atlassian.com/seraph/introduction.html
----- Original Message ----- From: "Tim Funk" <[EMAIL PROTECTED]> To: "Tomcat Users List" <[EMAIL PROTECTED]> Sent: Friday, January 30, 2004 7:29 AM Subject: Re: ServletFilter on j_security_check
The Sun spec team has said that filters can't be applied to
j_security_check.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=21795
-Tim
Frank Febbraro wrote:
Using Tomcat 4.1.x
In looking at the source it seems that there is no simple way to hook
into the Login process to get notified of successes or failures (dammit). So
I was attempting to servlet filter the j_security_check and do my own
pre/post processing. However I am unable to filter it. Is this URL
specifically ignored by the filtering mechanism?
My web.xml file looks as such...
<filter> <filter-name>login</filter-name> <filter-class>raider.portal.servlet.LoginFilter</filter-class> </filter>
<filter-mapping> <filter-name>login</filter-name> <url-pattern>/j_security_check</url-pattern> </filter-mapping>
Kinda running out of options at this point, anyone else had a problem
similar to needing to audit the login results?
Thanks in advance, Frank
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
-- struts 1.1 + tomcat 5.0.16 + java 1.4.2 Linux 2.4.20 Debian
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
