You could use a Filter. Once authenticated, the filter can check to see if
the user's password needed changed. If so, you can sendRedirect() or let the
next filter in the chain do its thing.
-Tim
Shain, Jim wrote:
Goal: Using forms based authentication, a user logs into a site with a valid use
-Jim
-Original Message-
From: Vincent Aumont [mailto:[EMAIL PROTECTED]
Sent: Monday, November 10, 2003 10:57 AM
To: Tomcat Users List
Subject: Re: Realm Authentication and Password Change
session.setAttribute().
Don't forget to remove the attribute from the session when you're done
al Message-
From: Vincent Aumont [mailto:[EMAIL PROTECTED]
Sent: Monday, November 10, 2003 10:24 AM
To: Tomcat Users List
Subject: Re: Realm Authentication and Password Change
A possible solution:
- Your custom realm sets a session attribute to indicate that the password must
be changed.
- You creat
Vincent,
Thanks! Great solution. How can I set a session variable in a custom realm?
-Original Message-
From: Vincent Aumont [mailto:[EMAIL PROTECTED]
Sent: Monday, November 10, 2003 10:24 AM
To: Tomcat Users List
Subject: Re: Realm Authentication and Password Change
A possible solution
A possible solution:
- Your custom realm sets a session attribute to indicate that the password must
be changed.
- You create a filter that checks this attribute and redirect the use to the
password change page if needed.
-Vincent.
> Goal: Using forms based authentication, a user logs into a si
Goal: Using forms based authentication, a user logs into a site with a valid user
ID/password, and is redirected to a page explaining that the password has expired and
user must change their password.
What's a good way to reach this goal? I've been working with a custom realm module, so
I know
