j_security_check is there a way to force users to renew password

[Ferindo Middleton <fe...@gmail.com>]

Is there a way to force users to renew their password or enforce password
rules using the native j_security_check authentication mechanisms of tomcat?

Ferindo

Re: j_security_check is there a way to force users to renew password

["Frank W. Zammetti" <fz...@omnytex.com>]

Hi Ferindo,

No, there is not.  j_security_check implements simple container-managed 
authentication (sometimes called J2EE security), and that does not 
include password management of any sort.  At work for instance, we have 
built a whole security framework on top of J2EE security to deal with 
just the kinds of things you are talking about.  I'm afraid you'll have 
to do the same, or look around for a project that already has (I'm not 
aware of any off-hand).

Frank

Ferindo Middleton wrote:
> Is there a way to force users to renew their password or enforce password
> rules using the native j_security_check authentication mechanisms of tomcat?
> 
> Ferindo
> 

-- 
Frank W. Zammetti
Founder and Chief Software Architect
Omnytex Technologies
http://www.omnytex.com
AIM: fzammetti
Yahoo: fzammetti
MSN: fzammetti@hotmail.com
Java Web Parts -
http://javawebparts.sourceforge.net
Supplying the wheel, so you don't have to reinvent it!

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org