tomcat-5.0.27 authentication/authorization

[mate markovic <ma...@hotmail.com>]

Hi.

You can find discusion here:
http://groups-beta.google.com/group/comp.lang.java.programmer
tomcat-5.0.27 authentication/authorization

http://groups-beta.google.com/group/comp.lang.java.programmer/browse_thread/thread/d86b1db12a57638d/1532ba9c63e42da3?q=tomcat-5.0.27+authentication%2Fauthorization&_done=%2Fgroup%2Fcomp.lang.java.programmer%2Fsearch%3Fgroup%3Dcomp.lang.java.programmer%26q%3Dtomcat-5.0.27+authentication%2Fauthorization%26qt_g%3D1%26searchnow%3DSearch+this+group%26&_doneTitle=Back+to+Search&&d#1532ba9c63e42da3

Hi all.

Tomcat, and any other servlet server, when we use
"<auth-method>FORM</auth-method>" with j_security_check,
j_username, j_password and <security-constraint>,
check our user name and password against database
(or anything else - but this wasn't important now) and then
PUT_SOMETHING_FOR_RECOGNITION_SOMEWHERE
(I think in servlet session?) for repossess.

After that we can access resource specified in <web-resource-collection>
if we have THAT_SOMETHING (role). And THAT_SOMETHING will
be passed automatically to EJB if we use EJB, and so on......

Is it possible to put THAT_SOMETHING from my code i.e. servlet?

For example, if I want to use in JSP other name for j_securi­ty_check,
j_username, j_password, or I want to use other presentation
for my web app like Swing or simmilar?
I could check user name or anything else by myself and then
put THAT_SOMETHING and proceed like I was make
real j_security_check.

Do you know how to do this?

P.S. I can't use JAAS.

_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE! 
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org