Hello all- I have a servlet based application running on Tomcat 3.2. It uses a homespun security system which I would like to replace with standard J2EE security. However, when the user logs in there are a number of server-side tasks which have to be performed both before and after authentication takes place, and which logically and functionally are all part of the login process.
Therefore it is a problem for me that, as best I can tell from availible documentation, all authentication is done through the magic URL "/j_security_check" which is opaquely handled by the application server. I have seen some suggestions on newsgroups that I should hack my way around this by having my own servlet code forward to /j_security_check after doing my own processing, but 1)this is not really what I want because some of the work I have to do should not take place until after authentication, and 2)that seems like a collosal hack that might have ramifications I don't know about. What I really want is a server-side method like authenticate(username, password) which would be functionally the same as submitting to /j_security_check. Does any such thing exist, and where can I find out about it? If not, can anyone suggest an alternative? Thanks in advance, Ben Drasin _________________________________________________________________ Send and receive Hotmail on your mobile device: http://mobile.msn.com -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>
