> 1) Your Filter will not get called, since authentication happens before
> Filters (you'd need to use a Valve, but then you are locked into Tomcat).
In my experience, and my current working app, this is not the case. The
following code works for me in a filter (mapped to /*) to auto-login a user:
<snip>
if ((request.getRequestURL().indexOf("login")) {
// Check to see if we should automatically login the user
// container is routing user to login page, check for remember me cookie
Cookie userCookie = RequestUtil.getCookie(request, "username");
String username =
(passCookie != null)
? URLDecoder.decode(userCookie.getValue(), "UTF-8") : null;
if ((rememberMe != null) && (password != null)) {
// authenticate user without displaying login page
String route = request.getContextPath() +
"/j_security_check?j_username=" + username
+ "&j_password=" + StringUtil.decodeString(password);
if (log.isDebugEnabled()) {
log.debug("I remember you '" + username
+ "', attempting authentication...");
}
response.sendRedirect(response.encodeRedirectURL(route));
return;
}
}
Matt
</snip>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
