On 24/12/2009 17:38, scorpioy wrote:
Thanks for the reply. I think I'm not really accessing the login page. I just
have a copy of it and named it as login_auto.jsp. This page is not
registered in web.xml, and is not under any restricted path.
I just let servlet to forward to this page, then let javascript in this page
to do automatic form login for the user. Can I do that?
But if the request for a secure resource isn't created first, how will
the container know which page to direct to at the end of the process?
Answer: probably not going to do what you want.
Solution: see SecurityFilter project, roll your own security, or wait
until Servlet Spec 3.0 is final.
p
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
