Hi Chris,
On 12 March 2014 00:37, Christopher Schultz <ch...@christopherschultz.net>wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Neeraj, > > On 3/8/14, 2:06 AM, Neeraj Sinha wrote: > > Chris, > > > > On 7 March 2014 21:43, Christopher Schultz > > <ch...@christopherschultz.net>wrote: > > > > Neeraj, > > > > On 3/6/14, 4:34 AM, Neeraj Sinha wrote: > >>>> I have a jsp application and my tomcat version is 7.0.34. > >>>> Authentication is done using *Form based authentication.* > >>>> > >>>> My requirement is as follows: > >>>> > >>>> When user's account gets locked, he has to send a unlock > >>>> request and he gets a link in his registered email id > >>>> clicking on which takes him to unlocking page(let's say > >>>> *unlock.jsp*) which has 3 fields namely*username*, *password* > >>>> and *unlock_code* and a submit button. After submission, once > >>>> unlocked successfully the user should land to home page of > >>>> the application. > > How are you checking the username and password? If you are letting > Tomcat check that, you could make unlock.jsp protected so that the URL > points to https://..../unlock.jsp?code=[unlock_code]. After > authentication, Tomcat will redirect the user to the original URL -- > which will include the unlock code. > > Thanks. Actually in the realm implementation, I make a call to backend > authenticate () method which validates various login rules and if any of > them fails, it returns false and the user is not allowed to login > (GenericPrincipal object is instantiated with an invalid role) and is > re-directed to login page. One of the rule is user account locking rule so > user can not be authenticated successfully unless his/her user account is > unlocked first so this solution won't work. > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > Comment: GPGTools - http://gpgtools.org > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > iQIcBAEBCAAGBQJTH18KAAoJEBzwKT+lPKRYXLQP/AzuccE3pEzq5yF4zCWnAZLf > VFdzsBJSbIt+C0CJyAffQ7UCRzVEZDJuAFVF12AhRcfdOUbn3N85QLUHPJoWHo0y > +EbwSc951iRgzeMexp6EgB9DfdltelxCt9gXmAdvpZ91jPAldyVPA6spAdlkUixh > +hcz9JqVMcILhN0tU35NilqbxYMRRQiserGHXffyRoH5KkWyeACLDrYICLgW8ylg > 2yIPtAkKv+Qr3CRintvGnBHVxf5WCQ76e4vo8dd81PC0Ds/KfNJ5qeSFPnIVND6V > KmA46lfpxezT0BOFV3OSRzsTDRJ2T7ZeyjPcbSknm+2SqLIhS0L0zLLF9S/4FFr2 > qxIXeZV+AnVqPZBHCNhgCMGoK71recUULRqPcrWPpowgwom/rGyuzyuHD1epADa4 > 2Uumcw6DcbK6bhkDTFC+5wzeIFdddVKMP546FL3QeY6OlfnUyR8RE7WjqxXgVDOO > Opti4wN7CHhEo9CzS4+IAOkJsghqXiiemuZvUgKcAuS5O5DiBiEtuc6uiDpT4H3S > CaVEvhLX5VrJhD2ZkM2vZQS3v45BTSEmhr5EswE3n9/vknrRV1Vyh+nuyx/RoiIc > M5id1+Gm/bS/3wVfcVrEyIavgwdj9gK9Lwl0DhexlWq4HCUVqRCsaNBcRR9qY/Tc > jEU85sGWpjuH1N8vhhLJ > =HOx2 > -----END PGP SIGNATURE----- > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > -- Regards, Neeraj
