Hello everyone, I take up a topic of my own again. The point there was that I would like to accommodate both the configuration and the actual Server Auth module within the application. That worked well with your advice.
Unfortunately, I have now reached the point where this solution works for one application, but a parallel application on the same Tomcat then also uses the Server Auth module. There is a <login-config> entry in the web.xml of the second application. In my opinion, this is ignored as soon as JASPIC is configured for this Tomcat (either statically with jaspic-providers.xml or dynamically by implementing an AuthConfigProvider). Now here are my questions: 1. Is there a possibility to activate the JASPIC provider for only one of the two applications? 2. OR there is an AuthConfigProvider that could implement the FORM based authentication. thanks in advance Matthias