"Ralph vd Houdt" <[EMAIL PROTECTED]> wrote:
> Hi Gregor,
>
> This sound OK, Can you point me to documentation on this or give me
> additional information?
It is quite simple.
The "normal" login.jsp looks like this:
<form method="POST" action="j_security_check" >
Username: <input type="text" name="j_username"><br>
Password: <input type="password" name="j_password"><br>
<br>
<input type="submit" value="login" name="j_security_check">
</form>
You would use something like this (for simplicity here pure JSP,
it can be done with Struts as well:
<form action='<%= respose.encodeUrl("/checklogin.jsp") %>' >
User: <input name="user"><br>
Company: <input name="company"><br>
Password: <input name="password" type="password">
</form>
And checklogin.jsp would do something like this:
<%
String j_username =
request.getParameter("company") + "/" + request.getParameter("user");
String j_password = request.getParameter("password);
%>
<jsp:forward page='<%= "j_security_check?j_username=" +
URLEncoder.encode(j_username) +
"&j_password=" +
URLEncoder.encode(j_password) %>' />
Of course, the mapping logic from company+user to web-user can be
more complex than simple concatenation with a "/" as separator.
Actually, I've never used it for such mapping. I've used it for
auto-login directly in the first login.jsp.
It checks to see, whether the user can be identified by a cookie and
tries to retrieve the username/password from a database. Then, instead
of displaying the login form, it directly forwards to j_security_check.
groetjes
--
gR
> ----- Original Message -----
> From: "Gregor Rayman" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Thursday, September 06, 2001 4:43 PM
> Subject: Re: re-Logon after session timeout
>
>
> > "Ralph vd Houdt" <[EMAIL PROTECTED]> wrote:
> >
> > > Hi Jon,
> > >
> > > This is not just what I want. I want to do a login based on 3 fields
> > > company/user/password and evaluate then to an EJB. The login should put
> an
> > > object in the session.
> > >
> > > Greetings Ralph
> >
> > You can do this with form based login as well.
> > Your form would not have the action "j_security_check", it would
> > point to another action which would map the three field to the
> > two (user/password) and forward to j_security_check.
> >
> > --
> > gR
> >
> >
> >
>
>