On Tue, 2009-06-30 at 16:32 +0200, André Warnier wrote:
> Daniel Henrique Alves Lima wrote:
> > 2. When user fills the form in your small login box,
> > - Send a JS XmlHttpRequest (AJAX) to a protected resource (for
> > instance protected_resource.jsp);
>
> It seems to me that yo
Daniel Henrique Alves Lima wrote:
Hi, Steve and Chris.
Steve, can you use AJAX to request a protected resource and to provide
username/password to your real login page (configured at web.xml) or
directly to j_security_check ?
I don't know if this will work (and if this is
Hi, Steve and Chris.
Steve, can you use AJAX to request a protected resource and to provide
username/password to your real login page (configured at web.xml) or
directly to j_security_check ?
I don't know if this will work (and if this is what you have in mind),
but:
Chris,
Thanks, yes, a "drive-by login" is what I am after. I am bummed that
Tomcat does not support this - it seems the common setup on most sites I
visit on the Net. (I suppose it is more accurate to that say I am bummed
that the J2EE standard does not define this behavior as Tomcat is only
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Steve,
On 6/29/2009 1:58 PM, Steve B. wrote:
> I understand that Tomcat's FORM authorization setup expects me to secure
> URL's and then let Tomcat invoke the login form before proceeding to
> these URL's when requested.
>
> However, I have a site fo
I suspect this question has been answered before - unfortunately, I
cannot find the key words to find my answer(s) in archives, etc.
I understand that Tomcat's FORM authorization setup expects me to secure
URL's and then let Tomcat invoke the login form before proceeding to
these URL's when re