You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Bjørn T Johansen <bt...@havleik.no> on 2005/04/07 08:05:38 UTC
Container Managed Security?
I have a small question... I am used to providing my own authentication system when
developing web systems, but I am now looking into providing container based security
instead. But when writing authentication myself, I have full control and can put
differenf information that I need into the session scope. How do I do this using
Tomcat's FORM-based authentication? Is there some listener I can hook onto or similar?
Regards,
BTJ
--
-----------------------------------------------------------------------------------------------
Bjørn T Johansen
btj@havleik.no
-----------------------------------------------------------------------------------------------
Someone wrote:
"I understand that if you play a Windows CD backwards you hear strange Satanic messages"
To which someone replied:
"It's even worse than that; play it forwards and it installs Windows"
-----------------------------------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Container Managed Security?
Posted by Bjørn T Johansen <bt...@havleik.no>.
That doesn't help with my "problem", does it? I need to create a session object when
a user logs in, is this possible?
BTJ
Gurumoorthy wrote:
> Use LDAP Based authentication ... I have this working very nicely only our
> servers
> Read JNDI Realm topic of tomcat
> Gurus
> ----- Original Message -----
> From: "Bjørn T Johansen" <bt...@havleik.no>
> To: "'Tomcat Users List'" <to...@jakarta.apache.org>
> Sent: Thursday, April 07, 2005 7:05 AM
> Subject: Container Managed Security?
>
>
>
>>I have a small question... I am used to providing my own authentication
>
> system when
>
>>developing web systems, but I am now looking into providing container
>
> based security
>
>>instead. But when writing authentication myself, I have full control and
>
> can put
>
>>differenf information that I need into the session scope. How do I do this
>
> using
>
>>Tomcat's FORM-based authentication? Is there some listener I can hook onto
>
> or similar?
>
>>
>>Regards,
>>
>>BTJ
>>--
>>--------------------------------------------------------------------------
>
> ---------------------
>
>>Bjørn T Johansen
>>
>>btj@havleik.no
>>--------------------------------------------------------------------------
>
> ---------------------
>
>>Someone wrote:
>>"I understand that if you play a Windows CD backwards you hear strange
>
> Satanic messages"
>
>>To which someone replied:
>>"It's even worse than that; play it forwards and it installs Windows"
>>--------------------------------------------------------------------------
>
> ---------------------
>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
>>For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Container Managed Security?
Posted by Gurumoorthy <g....@btinternet.com>.
Use LDAP Based authentication ... I have this working very nicely only our
servers
Read JNDI Realm topic of tomcat
Gurus
----- Original Message -----
From: "Bjørn T Johansen" <bt...@havleik.no>
To: "'Tomcat Users List'" <to...@jakarta.apache.org>
Sent: Thursday, April 07, 2005 7:05 AM
Subject: Container Managed Security?
> I have a small question... I am used to providing my own authentication
system when
> developing web systems, but I am now looking into providing container
based security
> instead. But when writing authentication myself, I have full control and
can put
> differenf information that I need into the session scope. How do I do this
using
> Tomcat's FORM-based authentication? Is there some listener I can hook onto
or similar?
>
>
> Regards,
>
> BTJ
> --
> --------------------------------------------------------------------------
---------------------
> Bjørn T Johansen
>
> btj@havleik.no
> --------------------------------------------------------------------------
---------------------
> Someone wrote:
> "I understand that if you play a Windows CD backwards you hear strange
Satanic messages"
> To which someone replied:
> "It's even worse than that; play it forwards and it installs Windows"
> --------------------------------------------------------------------------
---------------------
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Container Managed Security?
Posted by Bjørn T Johansen <bt...@havleik.no>.
That seems to be what I am looking for....
I will look into this... Thx... :)
BTJ
Mark Thomas wrote:
> Opps. Typo. That should be:
>
> javax.servlet.http.HttpSessionListener
>
> Mark Thomas wrote:
>
>> javax.servlet.http.SessionListener
>>
>> For a summary, read the javadocs. For full details read the spec.
>>
>> Mark
>>
>> Bjørn T Johansen wrote:
>>
>>> I have a small question... I am used to providing my own
>>> authentication system when
>>> developing web systems, but I am now looking into providing container
>>> based security
>>> instead. But when writing authentication myself, I have full control
>>> and can put
>>> differenf information that I need into the session scope. How do I do
>>> this using
>>> Tomcat's FORM-based authentication? Is there some listener I can hook
>>> onto or similar?
>>>
>>>
>>> Regards,
>>>
>>> BTJ
>>
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
>> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>>
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Container Managed Security?
Posted by Mark Thomas <ma...@apache.org>.
Opps. Typo. That should be:
javax.servlet.http.HttpSessionListener
Mark Thomas wrote:
> javax.servlet.http.SessionListener
>
> For a summary, read the javadocs. For full details read the spec.
>
> Mark
>
> Bjørn T Johansen wrote:
>
>> I have a small question... I am used to providing my own
>> authentication system when
>> developing web systems, but I am now looking into providing container
>> based security
>> instead. But when writing authentication myself, I have full control
>> and can put
>> differenf information that I need into the session scope. How do I do
>> this using
>> Tomcat's FORM-based authentication? Is there some listener I can hook
>> onto or similar?
>>
>>
>> Regards,
>>
>> BTJ
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Container Managed Security?
Posted by Mark Thomas <ma...@apache.org>.
javax.servlet.http.SessionListener
For a summary, read the javadocs. For full details read the spec.
Mark
Bjørn T Johansen wrote:
> I have a small question... I am used to providing my own authentication system when
> developing web systems, but I am now looking into providing container based security
> instead. But when writing authentication myself, I have full control and can put
> differenf information that I need into the session scope. How do I do this using
> Tomcat's FORM-based authentication? Is there some listener I can hook onto or similar?
>
>
> Regards,
>
> BTJ
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org