I built a solution, that is working for me. The Servlet is doing a
login, copies the the authentication-data to the session and responds
with JSON-Data.
The problem with this solution is, that I have to access a private
member by using reflections, because the StandardSession-Object is
hidden with
I had the same requirements and ended up using Spring security. Although
spring security is no set up for ajax itself, you can make a filter that
catches all ajax context after it goes through the security class filters. Take
a look here :
http://static.springsource.org/spring-security/site/
Johannes Meyer wrote:
Hello all,
I'm developing a web application with asynchronous techniques (ExtJS).
The most pages are secured with a "security-constraint", so the user
has to log in at first.
The users gets prompted a login dialog and can type in his username
and password. The data will
2013/2/8 Johannes Meyer :
> Hi Konstantin,
>
> thank you for answer.
>
>> HttpServletRequest.login(..) ?
>> (in a Servlet 3.0 application)
>
> If I call this function, only the current request is authorized, but
> not the whole session.
>
Whether authorization is cached in the session depends on
a
Hi Konstantin,
thank you for answer.
> HttpServletRequest.login(..) ?
> (in a Servlet 3.0 application)
If I call this function, only the current request is authorized, but
not the whole session.
Is there any solution to authorize the session?
Thank you,
Johannes
2013/2/8 Konstantin Kolinko :
2013/2/8 Johannes Meyer :
> Hello all,
>
> I'm developing a web application with asynchronous techniques (ExtJS).
>
> The most pages are secured with a "security-constraint", so the user
> has to log in at first.
>
>
> The users gets prompted a login dialog and can type in his username
> and passwo
Hello all,
I'm developing a web application with asynchronous techniques (ExtJS).
The most pages are secured with a "security-constraint", so the user
has to log in at first.
The users gets prompted a login dialog and can type in his username
and password. The data will be sent asynchronous to
