Most people use JAAS/JDBC reals built into app servers like Resin,
Tomcat, etc.
It's done for you... and bug free.
http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html
.V
James Woodward wrote:
Hello everyone,
I'm trying to figure out if there is an elegant solution to what I want
to do.
The application I am working on allows users to sign up for an account
and then enroll themselves into any courses currently being offered.
This is the scenario.
User Bob visits the site and views a calendar of courses. Bob decides to
view the description of a course that is being offered July 29th. Bob is
interested in the course and clicks on the Register button. Bob has not
authenticated at this point and is given a page that requires him to
enter his ID and Password. Bob enters the ID and Password and then . . .
--What I want to happen is this--
Once Bob authenticates I want him to be able to continue on with what he
was doing. I want him to be taken to the next step of the registration
process which will include a message saying something like "You are
about to register in the course "Programming with Struts" on July 29th"
Are you sure you want to continue.
--What really happens is this--
Once Bob enters his ID and password he is forwarded to some default page
like Index.do
My current implementation has a secureAction that is extended by any
action that a user must be authenticated to access. This secureAction
checks to see if there is a session variable that is created when you
authenticate. If this variable doesn't exist it takes you to the logon
page. If it does exist you continue doing what you had intended to do.
It's probably obvious but keep in mind that this requires that we keep
track of the courseid as well as the intended url. I have numerous pages
that extend the secureAction and would like the idea of being able to
continue where you were before authenticating to work for all of them.
If you have seen or done anything similar I'd appreciate any idea's you
have on the subject.
James
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
