Thanks Steve,
This is ok. But, my problem comes because I authentify the user when he
is visiting non-secure pages, and at one point he accesses to secure
pages and it is at this point where I don't want to call the form-base
authentication, I just want to give him access rigth away, so I was
thinking on one way to call the "j_security_check" where I will pass it
the userid and password or setting some attributes so tomcat wouldn't
use its authentication scheme.
Steve Vanspall wrote:
>We have a similar situation here.
>
>In our case we keep the bean in which you store this information, in session
>when they logon.
>
>You could just store the userid and password in session when they log-on and
>remove it when they log off.
>
>e.g. session.getAttribute("User Information", UserInfoBean);
>
>that's how the forms store there information when forwarding to other pages.
>
>
>
>-----Original Message-----
>From: Antonio De Lilla [mailto:[EMAIL PROTECTED]]
>Sent: Tuesday, 16 April 2002 11:09 AM
>To: Tomcat Users List
>Subject: Authentication without using forms
>
>
> Hi All,
>
> Please, if someone can help.
>
> I'm running Tomcat 4.0.3 with j2sdk1.4 on Linux 7.1
>
> I'm trying to authentify a user to access secure pages without using
>forms. I would like to call directly "j_security_check" passing the
>"userid" and "password" as parameters. The problem is that the user has
>been already authentified, and I don't want to ask him his "userid" and
>"password" again to access the secure pages.
>
> Thanks in advanced.
>
>Tony
>
>
>--
>To unsubscribe: <mailto:[EMAIL PROTECTED]>
>For additional commands: <mailto:[EMAIL PROTECTED]>
>Troubles with the list: <mailto:[EMAIL PROTECTED]>
>
>
>--
>To unsubscribe: <mailto:[EMAIL PROTECTED]>
>For additional commands: <mailto:[EMAIL PROTECTED]>
>Troubles with the list: <mailto:[EMAIL PROTECTED]>
>
>
>
--
To unsubscribe: <mailto:[EMAIL PROTECTED]>
For additional commands: <mailto:[EMAIL PROTECTED]>
Troubles with the list: <mailto:[EMAIL PROTECTED]>
