On 10 Jul 2002, Chris A wrote:
> Date: 10 Jul 2002 06:31:06 -0700
> From: Chris A <[EMAIL PROTECTED]>
> Reply-To: Tomcat Users List <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: automate JDBC realm login
>
> Hello all,
>
> Anyone know how to automate a JDBC realm login, so the user will not
> have to login when visiting a secure page during a different session ?
> This would be similar to a "remember me" checkbox on the login page.
>
There is no standard functionality in Tomcat to do this. It would be
feasible to customize one of the existing Authenticator implementations to
look for a remember-me cookie and bypass the challenge for
username/password if it can find the corresponding user.
> I have tried to use a bean and servlet to set the j_username and
> j_password and "fake" an HTTP/POST , but nothing I have tried seems to
> work. Anyone done this before or know if this is possible using a realm
> setup ?
>
There's nothing you will be able to do at the application level to
accomplish this (and that's a good thing, because otherwise malicious apps
could bypass the container's security :-). You will need to do this at
the inside-Tomcat level instead.
> Thanks for your help,
>
> Chris A.
> Austin, TX
>
Craig
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
