On 12 March 2014 20:40, Christopher Schultz <ch...@christopherschultz.net>wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Neeraj, > > On 3/12/14, 10:47 AM, Neeraj Sinha wrote: > Thanks. Actually in the realm implementation, I make a call to backend > authenticate () method which validates various login rules and if any of > them fails, it returns false and the user is not allowed to login > (GenericPrincipal object is instantiated with an invalid role) and is > re-directed to login page. One of the rule is user account locking rule so > user can not be authenticated successfully unless his/her user account is > unlocked first so this solution won't work. > > Then you'll have to do your own "partial" authentication, process the > reset code, then perform *formal* authentication (using > request.authenticate()), then forward to wherever users should go > after they reset their passwords. > > - -chris > Chris, Thanks. What I am doing now is that I am processing the unlock code and re-directing the request to my login page along with get parameter as status based on which a message is displayed if the unlock was successful and further allows user to login. Although the earlier implementation was not like this but I have seen in couple of applications where this approach is followed. > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > Comment: GPGTools - http://gpgtools.org > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > iQIcBAEBCAAGBQJTIHjsAAoJEBzwKT+lPKRYNo4P/jOQiQWlVFVu51i5KnpBGV5W > HtjjnpJC6qU5Bu+MNqB2qcBeCJ6lTmlFZQ9fRSjL3CmDfkgBlApIoPebICMdGEoF > wa9rNJljfkoUtUFpeas91rUwXXPYcKrlXFxelpemCHVu6EfoEVaFQh1s71e/gZrJ > R5pkKSy4CWJxZ1R4GjuXadry39OvB5cjlnmLz8NpaNa337HrBe8EzsK/hmFBJjGB > fUKORbxMszctpqzrQyaaRxkPwxw5duz8VaJ8kwimYXsMP4NmiNuX1xN8cDqxzJ2Z > J23yqq0S9tIHbpGRIg867IHhbtSSyPv6tIihXdPZoNz7YwU9d7t8I0vut5c8kOzw > JN5/wayIacqJTMuOHdwRr+n6RMw+RDgDMnlAXI/caUbXabCbdORDoo1CQlTs3wVv > HeR0skCsRx2qDEnrLpnxrlrFwVbQiHBOpOH2yLi414YXdT203ndkmn9nSzCjOM5X > uLF0yS2Q3MymFmJxaJrvmZwozf+LsNSUlTeVi+VQT7TSYHpL0CM15aCK+TCoYNtm > bDsVNXoNKbsljGQzAO5iCPKdkQ845xBpMgl7uCrBA9bZT3hQXj8GcnZyBGyfsTYr > TfhwzZK7DsA/lWXj3Bue50cv2w7pQUeo2FGjAGqkoYn4jwIIU7YlmnhKyMhSky+x > OZXFwWvSplgE5F9zLBIP > =iCrm > -----END PGP SIGNATURE----- > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > -- Regards, Neeraj