No we want to add registration and have the following happen
1.) Customer requests access to a realm
2.) Redirect to login page
3.) Customer doesn't have an account yet and accesses registration page
4.) Customer registers
5.) On successful registration the customer is redirected to the original request
Now to get this working we need the following, both of which we are not sure are currently provided by the authentication framework.
-Ability to access the original (SavedRequest) from a JSP / Servlet
-Ability to "auto/fake" login from within the webapplication
You cannot access the original request if the url is protected by a security-constraint and the user has not logged in. Tomcat will always jump in first with the CMS login.
To fake it and keep CMS, reduce your real realm to a security constraint on one URL and set up a filter to check for the user's status. If not logged in, saved the parts of the request you need in the session, and redirect the user to the protected page to trigger the container login.
Then after the login succeeds and the user gets through to that protected URL, check the session for the info and redirect them to their original destination.
You can put a link on the login page to the registration URL - I'm not sure about the redirection logic but it should be possible to redirect them after registration back to the login page to login, and then on to their original destination.
HTH Adam
-- struts 1.1 + tomcat 5.0.16 + java 1.4.2 Linux 2.4.20 Debian
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
