I am working on a Struts 1.x application that has a number of login pages L1, L2, L3, ... If a non-authenticated user requests a page - P - that requires authentication, the user will be redirected to one of these login pages L1, L2, L3, ... - depending on the context. Once authenticated, he proceeds to page P.
Now, authentication is being centralized across a variety of applications (Struts and non-Struts). All the login pages from my application (L1, L2, ...) need to be redirected to this central security application (outside my control) for authentication. Once the redirected user is authenticated by the central security application, the user needs to be sent back to his originally requested page - P. What would be the best way to securely implement this redirected authentication in the Struts 1.x framework?
