-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Chuck,
On 8/15/2011 9:49 AM, Caldarale, Charles R wrote: >> From: Chen Paz [mailto:chen....@expand.com] Subject: >> j_security_check and RequestDispatcher forward > >> I am using a servlet to intercept form based authentication in >> order to insert attribute into the request and then to redirect the >> request to j_security_check using RequestDispatcher. > > I wouldn't expect that to work, due to the special handling > requirements of j_security_check, in particular that the container > remember the original request of the protected resource and replay it > automatically when authentication is successful. > > What you might want to try is a filter rather than a servlet, and > have the filter modify the j_security_check request when it comes > through. (Not completely sure that's possible, either.) Another > option is to use a ServletRequestListener to manipulate requests as > needed. This may have changed in 7.0.x, but IIRC you can't intercept a request to j_security_check using a Filter... you'll have to use a Valve and make sure it fires before the authentication valve. Otherwise, the authenticator will have processed the request before your filter (or valve) gets a chance to do anything with it. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk5JRbUACgkQ9CaO5/Lv0PDTpQCdH/QKcJ/Eh1a6siRy4IRmBVmW jF4An0DS/yoxiY/32En6xv8BhS2tRhlu =hKm2 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
