Hi Tim, Thanks for the reply. I will take a lok at your suggestion, however using a valve would make the login structure Tomcat specific. Most Servlet-Containers supply someway of doing the authentication through LDAP / JDBC / FILE... and thus using this scheme is quite safe.
But is there als a 'standard' way of using an auto login feature without breaking the Container independence. - Joel On Tue, 2003-06-03 at 13:38, Tim Funk wrote: > I think you'd need to use a valve instead of a filter. The filters are > invoked after any security check is done (i believe). > > As a starting reference, look at the SingleSignOn valve. > > -Tim > > Jo�l Wijngaarde [Us Media] wrote: > > Hi, > > > > I was wondering if there is a standard way of creating automatic login > > functionality in tomcat. > > > > What I mean is that a user can set a tik a box saying 'Automatically Log > > me in the next time I visit'. This is a common functionality on low > > security sites and improves user experience a lot. > > > > We now use the JDBC Realm for authentication of the users. Of course we > > can 9implement our own security filter checking for the necessary > > credentials, but it would be great if we could use the web.xml file to > > define the security constraints. > > > > Any suggestions or references? > > > > > > Regards, > > > > > > Joel > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] -- Us Media Stadhouderskade 115 1073 AX Amsterdam t: +31 20 428 6868 f: +31 20 470 6905 w: http://www.usmedia.nl --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
