Define an secure url (e.g. /secure/requestedLogin) which forces the user to login (just as you described) and request it from a button or link on the public page you want. When the user isn't logged in yet the servlet container will intercept the request and force the user to login remembering the requested url and redirects the user to this original url after login. >From the destination page (your secure url) you can send a client side redirect to the original (public) page or somewhere else (secure or non-secure).
> -----Original Message----- > From: Erik Johansson [mailto:[EMAIL PROTECTED]] > Sent: Monday, February 18, 2002 10:39 AM > To: Orion-Interest > Subject: Direct call to j_security_check when using form based > authorizati on > > > > I am using form based authentication in my application. When > trying to > access a protected resource, the container automatically > prompts the login > form to the user, where he can fill in authentication info > (username and > password). > > Code from login.jsp: > > <form method="POST" action="j_security_check"> > <input type="text" name="j_username"> > <input type="password" name="j_password"> > </form> > > Here the Servlet-specification dictates that the action to be > called from > the login form must be j_security_check, and that the > parameters passed from > the form must have the names j_username and j_password. > > This way of logging in works very well. But this requires > that the user is > trying to access a restricted area of the application. I > would like to add > functionality to my application that allows the user to make > a direct login > from a public page, without landing at an intermediate login > page. Is there > a way to call the j_security_check directly from another > page? I have made > some experiments but I have not succeeded. > > Does anyone have any advices regarding this subject. I such a > case I would > be very thankful to hear. > > Erik Johansson >
