There's no non-proprietary way of doing this that I know of right now. I
think someone showed me a way to do this in Orion, but I can't seem to
remember at the moment. If you get the answer let me know.
I have received a response from the servlet 2.3 spec team, and they say that
this feature will most likely be implemented in the 2.3 api, which will make
it non-proprietary. There are members on the Orion team that are on the
servlet committee as well, so that's a good sign.
One portable, if inelegant solution, you can use right now is to create a
base class inherited from HttpServlet that calls a function similar to the
one below in the service() method. Example:
public com.your.UserObject getUser(HttpServletRequest req)
{
HttpSession session = req.getSession(true);
com.your.UserObjectuser =
(com.your.UserObject)session.getAttribute("user");
if (user == null)
{
user = someWayOfCreatingAUser(req.getRemoteUser());
session.setAttribute("user", user);
...
// do other things you need to do
}
return user;
}
Then create servlets that inherit from this class, and they all gain this
ability. I don't like this solution, especially when jsp files get thrown in
this mix, but I don't know of a better way right now.
Kit Cragin
VP of Product Development
Mongoose Technology, Inc.
www.mongoosetech.com
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Martin Mavrov
Sent: Monday, July 03, 2000 6:34 AM
To: Orion-Interest
Subject: Taking actions after form-based authentication?
Hi,
I've been wondering how can programmer take some actions (for example to put
things in HttpSession)
after the user had authenticated itself via form? For instance - the user
tries to access some
protected resource, it is presented the authentication form, it enters
login/password and
is forwarded to the requested resource - how can I intercept that forward
action?
Best regards,
[EMAIL PROTECTED]
