Thats the bad news, you tomcat specific code should be easy to port to other containers if they provide that functionality.
-Tim
Jo�l Wijngaarde [Us Media] wrote:
Hi Tim,
Thanks for the reply. I will take a lok at your suggestion, however using a valve would make the login structure Tomcat specific. Most Servlet-Containers supply someway of doing the authentication through LDAP / JDBC / FILE... and thus using this scheme is quite safe.
But is there als a 'standard' way of using an auto login feature without breaking the Container independence.
- Joel
On Tue, 2003-06-03 at 13:38, Tim Funk wrote:
I think you'd need to use a valve instead of a filter. The filters are invoked after any security check is done (i believe).
As a starting reference, look at the SingleSignOn valve.
-Tim
Jo�l Wijngaarde [Us Media] wrote:
Hi,
I was wondering if there is a standard way of creating automatic login functionality in tomcat.
What I mean is that a user can set a tik a box saying 'Automatically Log me in the next time I visit'. This is a common functionality on low security sites and improves user experience a lot.
We now use the JDBC Realm for authentication of the users. Of course we can 9implement our own security filter checking for the necessary credentials, but it would be great if we could use the web.xml file to define the security constraints.
Any suggestions or references?
Regards,
Joel
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
