RE: Authentication with JAAS / Form Autenthication/ "j_security_check"
Jose, How about sending the user to an intermediate page after logging in to select a company? Robert >= Original Message From Jose Antonio Chirinos <[EMAIL PROTECTED]> = >Thanks for yours sugestions, the reason for which i need to do that is because i have to do an authentication module that are able to authenticate a user depending on a company. That is because a user can be in 2 or more companys and the data of the companys is diferent. >Thanks in Advanced. > >Adam Hardy <[EMAIL PROTECTED]> wrote: >Yes, but if they happen to have javascript disabled, they will get very >confused! > >On 11/28/2003 11:23 AM Andoni wrote: >> You don't have to instruct the user to do this. Just have login form as a >> hidden form and fill (and submit) it using JavaScript. You can get the >> values from a login form you call whatever you like and then append whatever >> you like to the end of each of the username and password. >> >> This does sound rather odd though and you should really be looking at the >> bigger picture of your architecture to see why you have this problem in the >> first place as it sounds like you are trying to hack a solution to me!! >> Sorry if your not! >> >> Andoni. >> >> - Original Message - >> From: "Adam Hardy" >> To: "Tomcat Users List" >> Sent: Thursday, November 27, 2003 10:08 PM >> Subject: Re: Authentication with JAAS / Form Autenthication/ >> "j_security_check" >> >> >> >>>On 11/27/2003 06:41 PM Jose Antonio Chirinos wrote: >>> >>>Hi, i have a web application that use web authentication through >>>"j_security_check" servlet; i need to add an extra parameter diferent >>>of "j_password" and "j_username"; i guess that i have to put the >>>extra parameter in the login form and in the definition of the realm; >>>but where i have to include the code for the comparation of the new >>>parameter.Thanks in Advanced.Jose Antonio Chirinos. >>> >>>Jose, >>>tomcat (and all servlet spec compliant app servers) won't process any >>>further parameters other than the two you mention. When you code your >>>realm, you code a LoginModule or equivalent which is passed these 2 >>>parameters. >>> >>>This means the only option you have is to instruct the user to place the >>>extra parameter on the end of the username, perhaps after an appropriate >>>seperator character, so that you can then split your extra parameter >>>from the user name in your realm code. >>> >>> >>>HTH >>>Adam >>>-- >>>struts 1.1 + tomcat 5.0.14 + java 1.4.2 >>>Linux 2.4.20 RH9 >>> >>>- >>>To unsubscribe, e-mail: [EMAIL PROTECTED] >>>For additional commands, e-mail: [EMAIL PROTECTED] >>> >>> >> >> >> >> - >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> > > >-- >struts 1.1 + tomcat 5.0.14 + java 1.4.2 >Linux 2.4.20 RH9 > >- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] > > >- >Do you Yahoo!? >Free Pop-Up Blocker - Get it now - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Authentication with JAAS / Form Autenthication/ "j_security_check"
Thanks for yours sugestions, the reason for which i need to do that is because i have to do an authentication module that are able to authenticate a user depending on a company. That is because a user can be in 2 or more companys and the data of the companys is diferent. Thanks in Advanced. Adam Hardy <[EMAIL PROTECTED]> wrote: Yes, but if they happen to have javascript disabled, they will get very confused! On 11/28/2003 11:23 AM Andoni wrote: > You don't have to instruct the user to do this. Just have login form as a > hidden form and fill (and submit) it using JavaScript. You can get the > values from a login form you call whatever you like and then append whatever > you like to the end of each of the username and password. > > This does sound rather odd though and you should really be looking at the > bigger picture of your architecture to see why you have this problem in the > first place as it sounds like you are trying to hack a solution to me!! > Sorry if your not! > > Andoni. > > - Original Message - > From: "Adam Hardy" > To: "Tomcat Users List" > Sent: Thursday, November 27, 2003 10:08 PM > Subject: Re: Authentication with JAAS / Form Autenthication/ > "j_security_check" > > > >>On 11/27/2003 06:41 PM Jose Antonio Chirinos wrote: >> >>>Hi, i have a web application that use web authentication through >>>"j_security_check" servlet; i need to add an extra parameter diferent >>>of "j_password" and "j_username"; i guess that i have to put the >>>extra parameter in the login form and in the definition of the realm; >>>but where i have to include the code for the comparation of the new >>>parameter.Thanks in Advanced.Jose Antonio Chirinos. >> >>Jose, >>tomcat (and all servlet spec compliant app servers) won't process any >>further parameters other than the two you mention. When you code your >>realm, you code a LoginModule or equivalent which is passed these 2 >>parameters. >> >>This means the only option you have is to instruct the user to place the >>extra parameter on the end of the username, perhaps after an appropriate >>seperator character, so that you can then split your extra parameter >>from the user name in your realm code. >> >> >>HTH >>Adam >>-- >>struts 1.1 + tomcat 5.0.14 + java 1.4.2 >>Linux 2.4.20 RH9 >> >>- >>To unsubscribe, e-mail: [EMAIL PROTECTED] >>For additional commands, e-mail: [EMAIL PROTECTED] >> >> > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- struts 1.1 + tomcat 5.0.14 + java 1.4.2 Linux 2.4.20 RH9 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - Do you Yahoo!? Free Pop-Up Blocker - Get it now
Re: Authentication with JAAS / Form Autenthication/ "j_security_check"
Yes, but if they happen to have javascript disabled, they will get very confused! On 11/28/2003 11:23 AM Andoni wrote: You don't have to instruct the user to do this. Just have login form as a hidden form and fill (and submit) it using JavaScript. You can get the values from a login form you call whatever you like and then append whatever you like to the end of each of the username and password. This does sound rather odd though and you should really be looking at the bigger picture of your architecture to see why you have this problem in the first place as it sounds like you are trying to hack a solution to me!! Sorry if your not! Andoni. - Original Message - From: "Adam Hardy" <[EMAIL PROTECTED]> To: "Tomcat Users List" <[EMAIL PROTECTED]> Sent: Thursday, November 27, 2003 10:08 PM Subject: Re: Authentication with JAAS / Form Autenthication/ "j_security_check" On 11/27/2003 06:41 PM Jose Antonio Chirinos wrote: Hi, i have a web application that use web authentication through "j_security_check" servlet; i need to add an extra parameter diferent of "j_password" and "j_username"; i guess that i have to put the extra parameter in the login form and in the definition of the realm; but where i have to include the code for the comparation of the new parameter.Thanks in Advanced.Jose Antonio Chirinos. Jose, tomcat (and all servlet spec compliant app servers) won't process any further parameters other than the two you mention. When you code your realm, you code a LoginModule or equivalent which is passed these 2 parameters. This means the only option you have is to instruct the user to place the extra parameter on the end of the username, perhaps after an appropriate seperator character, so that you can then split your extra parameter from the user name in your realm code. HTH Adam -- struts 1.1 + tomcat 5.0.14 + java 1.4.2 Linux 2.4.20 RH9 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- struts 1.1 + tomcat 5.0.14 + java 1.4.2 Linux 2.4.20 RH9 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Authentication with JAAS / Form Autenthication/ "j_security_check"
You don't have to instruct the user to do this. Just have login form as a hidden form and fill (and submit) it using JavaScript. You can get the values from a login form you call whatever you like and then append whatever you like to the end of each of the username and password. This does sound rather odd though and you should really be looking at the bigger picture of your architecture to see why you have this problem in the first place as it sounds like you are trying to hack a solution to me!! Sorry if your not! Andoni. - Original Message - From: "Adam Hardy" <[EMAIL PROTECTED]> To: "Tomcat Users List" <[EMAIL PROTECTED]> Sent: Thursday, November 27, 2003 10:08 PM Subject: Re: Authentication with JAAS / Form Autenthication/ "j_security_check" > On 11/27/2003 06:41 PM Jose Antonio Chirinos wrote: > > Hi, i have a web application that use web authentication through > > "j_security_check" servlet; i need to add an extra parameter diferent > > of "j_password" and "j_username"; i guess that i have to put the > > extra parameter in the login form and in the definition of the realm; > > but where i have to include the code for the comparation of the new > > parameter.Thanks in Advanced.Jose Antonio Chirinos. > > Jose, > tomcat (and all servlet spec compliant app servers) won't process any > further parameters other than the two you mention. When you code your > realm, you code a LoginModule or equivalent which is passed these 2 > parameters. > > This means the only option you have is to instruct the user to place the > extra parameter on the end of the username, perhaps after an appropriate > seperator character, so that you can then split your extra parameter > from the user name in your realm code. > > > HTH > Adam > -- > struts 1.1 + tomcat 5.0.14 + java 1.4.2 > Linux 2.4.20 RH9 > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Authentication with JAAS / Form Autenthication/ "j_security_check"
On 11/27/2003 06:41 PM Jose Antonio Chirinos wrote: Hi, i have a web application that use web authentication through "j_security_check" servlet; i need to add an extra parameter diferent of "j_password" and "j_username"; i guess that i have to put the extra parameter in the login form and in the definition of the realm; but where i have to include the code for the comparation of the new parameter.Thanks in Advanced.Jose Antonio Chirinos. Jose, tomcat (and all servlet spec compliant app servers) won't process any further parameters other than the two you mention. When you code your realm, you code a LoginModule or equivalent which is passed these 2 parameters. This means the only option you have is to instruct the user to place the extra parameter on the end of the username, perhaps after an appropriate seperator character, so that you can then split your extra parameter from the user name in your realm code. HTH Adam -- struts 1.1 + tomcat 5.0.14 + java 1.4.2 Linux 2.4.20 RH9 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Authentication with JAAS / Form Autenthication/ "j_security_check"
Hi, i have a web application that use web authentication through "j_security_check" servlet; i need to add an extra parameter diferent of "j_password" and "j_username"; i guess that i have to put the extra parameter in the login form and in the definition of the realm; but where i have to include the code for the comparation of the new parameter.Thanks in Advanced.Jose Antonio Chirinos. - Do you Yahoo!? Free Pop-Up Blocker - Get it now