Hi there, The webapp I'm currently developing uses the j_security_check method of authentication. That is, when authentication is required (ie: when a client tries to access a restricted resource) the client gets directed to the file specified in the <form-login-page> tag in my web.xml file - in this case this file is login.jsp. This JSP presents a form to the client whose action is j_security_check, an internal Tomcat servlet (though it is more general than Tomcat, being in the Servlet spec) that processes this response. When the user is authenticated, based on her username and password, by the j_security_check servlet she is returned to the resource she first requested.
However, I am needing to set further login tokens based on the username and password given and am thus looking to somehow intercept the j_security_check servlet - ideally without rewriting it. This is because I am trying to create an authentication token for a third party web application (and thus creating single sign on as the third party web app doesn't use tomcat container authentication) at the same time as logging into the main site. If anyone has any ideas I would be, of course, very grateful. Joel Baker. -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>
