Extra fields in form authentication

[Diego Manilla Suárez <di...@xeridia.com>]

Hi. I need two extra fields in my login form, other than j_username and 
j_password. The problem is that these extra fields doesn't seem to be 
forwarded to the original requested URL. Right now I've implemented my 
own Authenticator, which extends 
org.apache.catalina.authenticator.FormAuthenticator and overrides its 
authenticate method, iterating over the request parameters and storing 
them on a map in the session.

Is there a simpler and/or nicer way to do what I want?

Thanks in advance.

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Re: Extra fields in form authentication

[Christopher Schultz <ch...@christopherschultz.net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mark and Diego,

Mark Thomas wrote:
> Diego Manilla Suárez wrote:
>> Hi. I need two extra fields in my login form, other than j_username
>> and j_password.

[snip]
>> Is there a simpler and/or nicer way to do what I want?
> 
> Take a look at http://securityfilter.sourceforge.net/
> 
> I haven't used it, but from the posts I have seen on this list, there
>  is a good chance it will do what you want.

It can do what you want, but it takes some work. In order to accept
parameters other than j_username and j_password, you basically have to
write your own authenticator, which isn't a big deal. You just implement
a particular interface with a method like
authenticate(HttpServletRequest) and do whatever you want.

> It also has the added advantage that it will be portable between
> containers.

This is one of the best reasons to use securityfilter.

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFG1str9CaO5/Lv0PARAo04AKDD7vK+uTGGxBVBqt9l4fFVEnPGkgCgsVWk
bO5Iv6OxnQ5rqae8XZ8qE28=
=3qHp
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Re: Extra fields in form authentication

[Mark Thomas <ma...@apache.org>]

Diego Manilla Suárez wrote:
> Hi. I need two extra fields in my login form, other than j_username and
> j_password. The problem is that these extra fields doesn't seem to be
> forwarded to the original requested URL. Right now I've implemented my
> own Authenticator, which extends
> org.apache.catalina.authenticator.FormAuthenticator and overrides its
> authenticate method, iterating over the request parameters and storing
> them on a map in the session.
> 
> Is there a simpler and/or nicer way to do what I want?

Take a look at http://securityfilter.sourceforge.net/

I haven't used it, but from the posts I have seen on this list, there
is a good chance it will do what you want. It also has the added
advantage that it will be portable between containers.

Mark


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org