If you are using basic authentication then yes jboss can help. You can write your own/extend the existing loginmodules to get the password. It will nto be encrypted. Even if you end up using SSL by the time the password reaches the login module it should be decrypted already.
If you are using form based login, you can get the password even in tomcat. The easiest would be to put a filter to the j_security_check servlet. In the filter you can read j_password from the request. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3898577#3898577 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3898577 ------------------------------------------------------- This SF.Net email is sponsored by: Power Architecture Resource Center: Free content, downloads, discussions, and more. http://solutions.newsforge.com/ibmarch.tmpl _______________________________________________ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user