... It really depends on how you have done the coding of the classes and what kind of framework (struts?, other?) you used for the webapp. The idea is simple though. when the form is submitted, you need to have a method that:
1) queries a datastore for username/password 2) does something if username/password FOUND or 3) does something if username/password NOT FOUND What you need to do is split that method up into two seperate methods. Then, for the registration process you need a method that: 1) inserts the username/password into a datastore 2) does the same as #2 above. This can be as simple as calling a common method in the class or as complex as (if using struts for example) re-forwarding the request, constructing the url appropriately (Ex: http://localhost/mywebapp/login.do?username=mike&password=secret If i knew more about your framework and how you've got you classes written I could help you more. <mike/> -----Original Message----- From: Guillermo Payet [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 07, 2002 12:47 PM To: [EMAIL PROTECTED] Subject: Forcing authentication Hi, I've asked this one before, but got no answers, so here goes an "abridged" version. I'd like to "force" a FORM authentication by somehow calling /login/j_security_check from a jsp page, or doing something equivalent, so that the application can decide to "force" the authentication of a session in some cases, whithout the user having to go through the login form. We're using Tomcat 4.0.3 I found this pointer to a purported solution to our problem: http:[EMAIL PROTECTED]%3E But it ain't working. I've tried all kinds of variations on this, but I cannot figure out how to make it work. It seems that once a request is matched against auth constraints, (which happens when the registration page is first loaded) it will not be matched again. This means that any redirection of the request to j_security_check just returns a 404, since authenticate() is never called again and so it fails to intercept the request and authenticate the session. Any ideas?? Any help is appreciated! thanks! --Guillermo Payet -- Guillermo Payet O C E A N G R O U P email: [EMAIL PROTECTED] web: http://www.oceangroup.com -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
