Actually, it *is* using form-based security. I just do a redirect to "j_security_check" to mimic how a form's action submits to action="j_security_check". The user can choose to "remember password" by checking a checkbox and then a cookie is set for their username and password. So it's "optional" remember me functionality.
So, IMO - this is a way to implement remember me with container managed authentication. It's working like a charm for me in 2 production apps. Of course, they both are running on Tomcat, but it *should* work on any container. Matt -----Original Message----- From: Will Hartung To: Tomcat Users List Sent: 3/5/2003 4:11 PM Subject: Re: remember password HOW-TO? > From: "Raible, Matt" <[EMAIL PROTECTED]> > Sent: Wednesday, March 05, 2003 2:36 PM > Subject: RE: remember password HOW-TO? > I've been able to implement "Remember Me" functionality using form-based > authentication and cookies on Tomcat 4.1.18. > > http://www.mail-archive.com/[EMAIL PROTECTED]/msg86636.html > To be pedantic, this is simply security implemented with Servlets and Filters, and has nothing to do with the container based Form Based Security. I'm sure it works fine and does the job, I'm not questioning its quality or functionality, and David may well be able to lift it and use it straighaway. I'm just pointing out that this does not interact in any way with the Container provided security infrastructure. FYI Regards, Will Hartung ([EMAIL PROTECTED]) --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]