Hi! We are currently using the integrated authentication of JBoss/Tomcat. Secured pages are defined in the web.xml and the application server redirects to the requested page after successful login. Users and passwords are stored in an LDAP server. In future it would be nice to extend this with OpenID.
The problem is: While the login page is shown, I do not have any access to the activation context of the requested page. It would be nice to know it in order to change the layout of the login page. So I read some articles on this mailing list, deployed sample implementations like spring-security and studied blog posts. This all shed some light on the whole topic, but I am unsure which approach is the best for us. In general I prefer some tested module to a self-made solution. Spring security seems promising but may be overkill for our use case. And would it fix my above issue? I know this topic comes up regularly on this list but it would be nice if someone could share his experience on this matter. Regards Stephan --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
