I just like to point you the usual / standard use of J2EE authentication in a web tier !
http://java.sun.com/products/servlet/download.html With restricted resources define in web.xml Login page (FORM) And a defined realm in context.xml (or server.xml) No more ... PS: I don't think it really smart to GET login & password in (clear) URL ;-) On 11/22/06, Santosh Puranshettiwar <[EMAIL PROTECTED]> wrote:
olivier nouguier wrote: Thanks. > Hi > The "natural" *post* should be > http://localhost/realm-test >> >> /j_security_check?j_username=foo&j_password=bar > Let me make sure I got it right. So you mean the request should be something like this: - URL: - http://localhost/realm-test?j_security_check (method=POST) message body: - j_username=foo&j_password=bar So appending a 'j_' will do the job? Also, in your case 'j_security_check' is the resource. But in my case, *'RealmTestServetlet'* is the resource. > And should be OK. > > What are your need ? Till now, my authentication code used to be in the application layer. But now, I wish to offload the task to my container (Tomcat) without any changes to the application protocol; which is to send username and password as _plain key-value pairs_ in the request URL. > > > On 11/22/06, Santosh Puranshettiwar <[EMAIL PROTECTED]> wrote: >> >> Hello, >> >> I wish to user a JDBCRealm with the username & password coming in the >> HTTP request as key-value pairs. >> >> Is it possible? >> >> Elaborate: - >> They request uri: - >> http://localhost/realm-test/RealmTestServetlet?username=foo&password=bar >> >> The Realm must authenticate with 'foo' & 'bar'. >> >> -- >> Santosh. >> >> >> --------------------------------------------------------------------- >> To start a new topic, e-mail: users@tomcat.apache.org >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> > > -- Santosh. --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
-- "Souviens-toi qu'au moment de ta naissance tout le monde était dans la joie et toi dans les pleurs. Vis de manière qu'au moment de ta mort, tout le monde soit dans les pleurs et toi dans la joie."