On Wed, Jul 13, 2022 at 10:21 AM EXT-Denton, Sam T <sam.t.den...@boeing.com> wrote: > > This may help you: > https://stackoverflow.com/questions/15742580/how-to-programmatically-login-to-j-security-check > > Sam Denton > Advisor, Solutions Architect > Mobile (314) 827-4017 > 24x7 SBS Suppot (405) 312-9936 >
Thanks for the reply, but what I'm trying to do is a bit different as I won't have the users password. I was basically looking for a backdoor way to establish a session using just the username. I think I was able to get it working but don't know if its the best way. What I was missing was, I was not saving the principal to the Session, only the Request initially. Also, I created a dummy servlet in my webapp that has both doGet and doPost methods so that the status codes would not be a 404-405. The valve will only create a new Principal for a POST request to a specific url. Eventually, my custom realm (form login) may go away and the login for my app will be done by this external app which will be the only thing that will be able to call this new "backdoor" way. Tim --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
