-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Martin,
On 10/4/2011 1:12 PM, app...@dsl.pipex.com wrote: > Before I look at the specification :( You should read the spec all the way through IMO. It's not that long, it's well-written and readable by real humans (and not techno-lawyers), and very informative. > maybe I should clarify my question: can I have the login form > embedded in different pages? You can put your login form wherever you want. Just be aware that the container is going to intercept any non-authenticated access attempts to protected resources and forward them to the one-and-only login page you have configured in <form-login-page>. > This way, there would be only one <login-config> element where re- > direction could resolve the welcome page issue once login is > achieved. > > Each page would then be able to direct each of which calls the > same login authentication, but But what? Your login.jsp page can forward/include anything it wants, as long as none of the resources it tries to include/forward to are protected. So, you can sniff the original request URI and serve-up whatever flavor of login page you want. To see how to do *that*, I'm going to make you read the spec :) - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk6LRtoACgkQ9CaO5/Lv0PDdiACgiXTpEM7sH9ttfSzyf2n4e+0v XsEAmwWgoS08TAcSwMzN5hI8ox+7SnDZ =Ihdu -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
