I just find it hard to believe that there is no open-source
project/library to mange users that includes the above functionality.
Web server logins are dismal across the board, but its so easy to write
a filter so I think nobody bothered.
Peter
Stephen More wrote:
On 8/22/07, Christopher
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Stephen,
Stephen More wrote:
Both of these would require a Filter that checks for the existence of
the role expiredPassword and redirect as needed.
Yes. That's why I did it myself all in a single filter (including
loading the user's state, rather
I also didn't understand exactly what you mean, but 'JDBCRealm'... implies
using a database, so the simple way is to redirect and use a web form to change
it, which is easy enough. If you don't want to use a web form then its an
entirely different story, I assume some sort of extension or
In looking at the docs:
http://tomcat.apache.org/tomcat-5.5-doc/config/realm.html
there is no Attribute for userCredExpireCol. How do I configure the
JDBCRealm to look at an expiration column ?
-Steve
On 8/22/07, Peter Stavrinides [EMAIL PROTECTED] wrote:
I also didn't understand exactly what
Hi Steven
You are limited as to what logic the realm performs automatically,
checking for expired passwords requires some manual work on your side.
You might want to look at implementing a JAASRealm, and your own login
module:
See the bottom of this page:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Stephen,
Stephen More wrote:
On 8/21/07, Christopher Schultz [EMAIL PROTECTED] wrote:
Stephen More wrote:
Has anyone written or know of a JDBCRealm that supports an expired password
?
Do you mean that you want expired-password-users to be
On 8/22/07, Christopher Schultz [EMAIL PROTECTED] wrote:
1. Checks to see if the Session exists and has a Principal.
2. Checks to see if the Session contains my User object.
If not, it loads the User object and performs the real login
(as opposed to the basic authentication provided by
Has anyone written or know of a JDBCRealm that supports an expired password ?
-Thanks
Steve More
-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Stephen,
Stephen More wrote:
Has anyone written or know of a JDBCRealm that supports an expired password ?
Can you phrase that in a different way? I wouldn't want my JDBCRealm to
allow expired passwords to be used.
Do you mean that you want
On 8/21/07, Christopher Schultz [EMAIL PROTECTED] wrote:
Stephen More wrote:
Has anyone written or know of a JDBCRealm that supports an expired password
?
Do you mean that you want expired-password-users to be forced to change
their password before doing anything else?
Yes, this is
10 matches
Mail list logo
