> From: "David Reed" <[EMAIL PROTECTED]> > Sent: Wednesday, March 05, 2003 2:10 PM > Subject: Re: remember password HOW-TO?
> Thanks Will, So what are my alternatives to container > based authentication? Common wisdom today would be to use Filters, as they're pretty much ideal for this depending on how your app is set up (i.e. if your app is fairly straightforward). The real problem is that you can't mix and match. You either have to use Your Way entirely, or the Container Way. So, all of your code relying on the Servlet API for Roles and what not have to be changed, which is invasive and quite the drag. If you're willing to beat on Tomcat, then you can probably more easily tweak the org.apache.catalina.authenticator.FormAuthenticator class, or subclass it which would be safer. Tweaking that to support a "remember me" function would be a lot less code for you to write than implementing your own entire system, plus you'll not have to change any of your interior security checking code. Of course, this isn't portable to another container. Someone else may have a pointer to a plug in Servlet/Filter based security system that's available on the web, I haven't looked myself. Regards, Will Hartung ([EMAIL PROTECTED]) --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
