The filter approach isn't going to work AFAIK because the security
constraints have to be evaluated/applied/etc before any user code
such as filters are run. In fact IIUC there is no j_security_check
"servlet", that is handled directly by the web containers security
system.
Is there some reason you can't put your validation logic in an
(additional) login module?
thanks
david jencks
On Jul 18, 2007, at 9:05 AM, Bill Brown wrote:
Greetings:
I have an app with container managed security. There is a login
form that
uses j_username and j_password to post to j_security_check. I
would like to
perform some validation on the j_username and j_password to make
sure the
data entered is valid before checking the credentials against the
db. I
tried using a filter with filter-mapping in web.xml, but the filter
isn't
getting called. Below is the filter mapping. Does anyone know how
to do
this in geronimo 2.0? Is this possible?
<filter>
<filter-name>loginValidator</filter-name>
<filter-class>
com.abc..LoginValidateFilter
</filter-class>
</filter>
<filter-mapping>
<filter-name>loginValidator</filter-name>
<url-pattern>/j_security_check</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
I also tried the mapping without the <dispatcher> elements and it
didn't
work either. Thanks for any more information or clarification.
Bill.
--
View this message in context: http://www.nabble.com/filter-mapping-
for-j_security_check-tf4104213s134.html#a11671705
Sent from the Apache Geronimo - Users mailing list archive at
Nabble.com.
