Is it correct to say that you lose the ability to have single-sign on across multiple contexts if you go with a custom login solution (e.g. checking login form fields in a servlet and, if correct, setting a “login” session attribute to true) as opposed to standard form-based authentication?
How can I programmatically customize the form-based authentication, so that I can retain my current login mechanism while still telling Tomcat to use these credentials at a web container level rather than just at the web application level? I’d imagine there’d be ways to customize this, as developers would like to perhaps customize the login process (requiring more than just a j_username and j_password). How can I do this? Thanks. -- View this message in context: http://www.nabble.com/Single-sign-on-without-form-based-authentication-tf3805975.html#a10770906 Sent from the Tomcat - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
