Hello,
I don't want to reinvent the wheel. Container managed security is a fine
thing and works well. While it's easy to call a session.invalidate() to
logout of a session in whatever way I like (JSP, Servlet, ...), loggin
in still looks a bit ugly, even with the possibility to define a
separate login and error-page.
What I imagine is a customized version as you all know from portals like
yahoo
input1: username
input2: password
checkbox: remember my username
submit: login!
Once I logged out, the username could be stored in a cookie and
redisplayed at input1 when I'm about to login the next time.
So far, this is not a problem. Looking up users through jdbc isn't a
problem as well. But how can I inform the container about a successful
login, so that calls to request.getRemoteUser() and
request.isUserInRole("manager") will behave as if I logged in through
the common j_security_check?
Regards
Marten
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
