Hi.
You can find discusion here: http://groups-beta.google.com/group/comp.lang.java.programmer tomcat-5.0.27 authentication/authorization
http://groups-beta.google.com/group/comp.lang.java.programmer/browse_thread/thread/d86b1db12a57638d/1532ba9c63e42da3?q=tomcat-5.0.27+authentication%2Fauthorization&_done=%2Fgroup%2Fcomp.lang.java.programmer%2Fsearch%3Fgroup%3Dcomp.lang.java.programmer%26q%3Dtomcat-5.0.27+authentication%2Fauthorization%26qt_g%3D1%26searchnow%3DSearch+this+group%26&_doneTitle=Back+to+Search&&d#1532ba9c63e42da3
Hi all.
Tomcat, and any other servlet server, when we use "<auth-method>FORM</auth-method>" with j_security_check, j_username, j_password and <security-constraint>, check our user name and password against database (or anything else - but this wasn't important now) and then PUT_SOMETHING_FOR_RECOGNITION_SOMEWHERE (I think in servlet session?) for repossess.
After that we can access resource specified in <web-resource-collection> if we have THAT_SOMETHING (role). And THAT_SOMETHING will be passed automatically to EJB if we use EJB, and so on......
Is it possible to put THAT_SOMETHING from my code i.e. servlet?
For example, if I want to use in JSP other name for j_security_check, j_username, j_password, or I want to use other presentation for my web app like Swing or simmilar? I could check user name or anything else by myself and then put THAT_SOMETHING and proceed like I was make real j_security_check.
Do you know how to do this?
P.S. I can't use JAAS.
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]