Not sure what you are looking for, but we do this on all of our web apps. Users can bookmark the login page all they wish, in fact the login page is index.jsp. They type their username and password in, click submit. This posts to a JSP, the JSP checks against a database, and approves or disapproves. If approves, sets a session variable. On every other JSP, there is a check for the session variable. If not set, bounce to index.jsp.
There are probably other much more elegant ways to do it, and probably ways to do this built-in to Tomcat, but the method above works for us.
If there's another, more elegant way to do this, I'd love to see an explanation of it and the rationale for it.
John
On Mon, 30 Jun 2003 10:45:41 -0400, Kevin Andryc <[EMAIL PROTECTED]> wrote:
Hi all,
In a previous project, I decided to use Tomcat authentication and just
had nightmarish troubles. Telling people they couldn't bookmark the logon
page just isn't a solution. Plus, many people had serious problems trying to
login. They would enter in their user name and passwords multiple times, and
still could not get in. I would honestly say 25-30% of the people had
problems, which did not reflect well on me. Previously I used Apache
authentication, but it is just not as flexible as Tomcat, but then again I
never had a problem with it. I was wondering if there are any suggestions
for authentication? I don't really want to use Apache for this upcoming
project and would really prefer a Tomcat-like authentication mechanism where
I could use a database to hole user names and passwords etc. Any suggestions
would be appreciated!
Thanks, Kevin
Kevin Andryc Web Systems Engineer MISER http://www.umass.edu/miser/ Phone: (413)-545-3460 [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
-- Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
