Which version of the server are you using? FORM based authentication works
for me on 1.4.5 - have not tried to forward to j_security_check, though (and
can't find any file named like this in the jars).
>From what you describe, you probably may want to catch any request before
it's regular dispatch using the <servlet-filter /> tag in orion-web.xml. I
plan on trying this myself ASAP (speak: mañana) ...
Peter N. Saurugger
Everest eCommerce
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of
[EMAIL PROTECTED]
Sent: Thursday, February 22, 2001 5:27 AM
To: Orion-Interest
Subject: Any way to "forward" to j_security_check?
Does anyone know a way to "forward" to the j_security_check processing in
Orion ? We use form-based login but have our own processing to do ahead of
the
standard j_security_check.
On J2EE Reference Implementation (and e.g. Weblogic) we post the form to our
own servlet instead of j_security_check, then forward from this to
j_security_check. This doesn't seem to work on Orion i.e. j_security_check
doesn't seem to be something one can get a request dispatcher for.
Of course, the servlet spec doesn't mandate anything about how the server
should implement the j_security_check mechanism, so potentially it doesn't
have to have anything that can be referenced and invoked from application
code. But it would be useful to be able to.
I've also thought about programmatically simulating a post to
j_security_check
instead of trying to forward to it, but doesn't look simple and not sure
this
would work on Orion either. Might be helped by Servlet 2.3 but can't move to
that yet.
Am I just missing some trick to this, or is it not possible on Orion? Or is
it
related to a bug somewhere ? (n.b. even a normal post to j_security_check
seems to fail, and to get sign-on to work I have to use Orion's non-standard
feature of leaving the action unspecified).
