It is usually extended by others. I found the very popular example on javaworld.com
where the author created an RDBMDLoginContext. I changed that to my own OJBLoginContext
because I use Apache OJB. Its pretty easy to write one, just override each of the
methods.
Charlie
Allistair Crossley wrote:
All our actions extend an abstract base action that handles auth if the session user is null and then delegates to a subclass to do the actial work which is another way of what you describe there.
Hm...are you saying you use JCIFS also? Is the loginContext your own or part of the JCIFS API.
ADC
-----Original Message----- From: Charles N. Harvey III [mailto:[EMAIL PROTECTED] Sent: Thu 08/04/2004 20:38 To: Tomcat Users List Cc: Subject: Re: Tomcat configuration tuning
I do just what you described below. If the loginContext isn't in the
session,
I show do a global-forward to the login form. And, because I didn't want to
have to put a session check into every Struts action I used AspectJ to weave
in a pointcut into every action. Works great. I was considering going with
a filter servlet instead but if you say its slow then maybe I did the right
thing.
Charlie
Allistair Crossley wrote:
>Slightly off-forum but related to my performance tuning of my tomcat webapp, I am using the JCIFS NTLM authentication servlet as a filter. The filter is mapped to all requests /*. I just thought to myself on the train home whether because NTLM is a 3-way handshake, that this may be causing some kind of performance hit.
>
>The filter authenticates the desktop user and then populates the request.getRemoteUser. I suppose I "could" do this once with a login servlet and then populate a session user object and if that ever expires redirect back to the login servlet.
>
>Does anyone have an opinion on whether it would be worth my time removing the filter per request in favour of a once-only login action.
>
>I appreciate this is off-tomcat, so no hard feelings if noone replies ;)
>
>ADC
>
>
><FONT SIZE=1 FACE="VERDANA,ARIAL" COLOR=BLUE>
>-------------------------------------------------------
>QAS Ltd.
>Developers of QuickAddress Software
><a href="http://www.qas.com";>www.qas.com</a>
>Registered in England: No 2582055
>Registered in Australia: No 082 851 474
>-------------------------------------------------------
></FONT>
>
> >
>------------------------------------------------------------------------
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, e-mail: [EMAIL PROTECTED]
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
<FONT SIZE=1 FACE="VERDANA,ARIAL" COLOR=BLUE> -------------------------------------------------------
QAS Ltd.
Developers of QuickAddress Software
<a href="http://www.qas.com";>www.qas.com</a>
Registered in England: No 2582055
Registered in Australia: No 082 851 474
-------------------------------------------------------
</FONT>
------------------------------------------------------------------------
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
