I've gone a slightly different way now, but what I've done is this...
I've extended the JNDIRealm (or JDBC or whatever), which within this
adds the username of the logged in user into a 1 field table if the user
has successfully logged in.
After the user has logged in, A filter is run (that h
Forget about all the above, it doesn't work.
You will have to subclass the used Authenticator-Class (i.e.
org.apache.catalina.authenticator.FormAuthenticator), create a jar from it
and out this jar into server/lib of your Tomcat-Installation-directory.
Then you'll have to patch catalina.jar: Insi
It may be ugly, but this comes to mind.
Map all requests to /admin* to your servlet.
Also setup the /admin* to be constrained.
Someone goes to http://www.yourserver.com/admin.
They must log in. Once logged in, all requests go to your servlet.
The servlet strips off the URL information and re
That was my guess initially, but there is no way of knowing that the
request the filter is given has been through the security...
Unless I'm wrong about this...?
Marc Farrow wrote:
My guess is that the easiest thing to do is to create a filter.
On 8/14/06, Eurig Jones <[EMAIL PROTECTED]> wr
My guess is that the easiest thing to do is to create a filter.
On 8/14/06, Eurig Jones <[EMAIL PROTECTED]> wrote:
Hi, hopefully someone can help me...
My Secured area is /admin/* which requires the "administrator" role to
view.
If someone requests /admin/edit.faces, they are prompted with a
Hi, hopefully someone can help me...
My Secured area is /admin/* which requires the "administrator" role to view.
If someone requests /admin/edit.faces, they are prompted with a login
prompt as expected. If they login correctly they'll proceed to
/admin/edit.faces
What I want to do is forwar
