[JBoss-user] [Security JAAS/JBoss] - Re: saving j_username as session/request parameter
You should check the ExtendedFormAuthenticator, available in JBoss 4.0.3+ http://wiki.jboss.org/wiki/Wiki.jsp?page=ExtendedFormAuthenticator View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=3944764#3944764 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=3944764 --- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: saving j_username as session/request parameter
madalvi wrote : Few questions: | 1. Where do I put cotext.xml file? | 2. Where do I put the FormAuthValve class? | 1. I put it in the application WEB-INF folder 2. If you're using jboss 4.0.2 you just link your project to the library root_of_jboss\server\default\deploy\jbossweb-tomcat55.sar\tomcat55-service.jar which contains the class you need, then you configure it as in the wiki example. View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3891750#3891750 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3891750 --- SF.Net email is Sponsored by the Better Software Conference EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile Plan-Driven Development * Managing Projects Teams * Testing QA Security * Process Improvement Measurement * http://www.sqe.com/bsce5sf ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: saving j_username as session/request parameter
niwhsa wrote : Why dont you put a servlet filter for the j_security_check servlet in your web.xml. In the filter code, you will have access to the request object from where you can read j_username and store it in the session. This would be the easiest way of doing this without tampering with the app server code. read this http://wiki.jboss.org/wiki/Wiki.jsp?page=CustomizingSecurityUsingValves and you'll have the answers you are looking for. If you don't like having jboss classes configured in your project, you may define your own valve extendig the tomcat native one Cheers View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3891755#3891755 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3891755 --- SF.Net email is Sponsored by the Better Software Conference EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile Plan-Driven Development * Managing Projects Teams * Testing QA Security * Process Improvement Measurement * http://www.sqe.com/bsce5sf ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: saving j_username as session/request parameter
If the Jboss FormAuthValve does really what you need, why don't you use it instead of creating your own copying the former? Just add in your context.xml file the configuration for this valve View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3891402#3891402 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3891402 --- SF.Net email is Sponsored by the Better Software Conference EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile Plan-Driven Development * Managing Projects Teams * Testing QA Security * Process Improvement Measurement * http://www.sqe.com/bsce5sf ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: saving j_username as session/request parameter
Few questions: 1. Where do I put cotext.xml file? 2. Where do I put the FormAuthValve class? View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3891459#3891459 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3891459 --- SF.Net email is Sponsored by the Better Software Conference EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile Plan-Driven Development * Managing Projects Teams * Testing QA Security * Process Improvement Measurement * http://www.sqe.com/bsce5sf ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: saving j_username as session/request parameter
Why dont you put a servlet filter for the j_security_check servlet in your web.xml. In the filter code, you will have access to the request object from where you can read j_username and store it in the session. This would be the easiest way of doing this without tampering with the app server code. View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3891551#3891551 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3891551 --- SF.Net email is Sponsored by the Better Software Conference EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile Plan-Driven Development * Managing Projects Teams * Testing QA Security * Process Improvement Measurement * http://www.sqe.com/bsce5sf ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user