Re: Filter on j_security_check or Alternate way

Wed, 19 Sep 2007 04:21:13 -0700 

yeah i can get info from getPrincipal() but where should i put that code to
retrieve the info? where should i save the state in session? at login page?
no - then after login the secured page is going to open - i need to save
something or process something before it.

-alee

On 9/19/07, Tim Funk <[EMAIL PROTECTED]> wrote:
>
> Filters are not invoked on j_security_check
>
> If you need to do something "special" on login - you will need to store
> some state in the session. (Like session variable called
> didInitializeSession)
>
> Then the filter can check for the existence of a
> request.getUserPrincipal() &&
> session.getAttribute("didInitializeSession") to see if you need to do
> any special setup work.
>
> -Tim
>
> alee amin wrote:
> > Hi,
> >
> > I have implemented form based security on web app using JDBCRealm in
> > server.xml file. It has been implemented. Now i want to use some pre-req
> > before accessing any page in secure area say (faces/secure/main.xhtml).
> >
> > My index page redirect to faces/secure/main.xhtml where it ask for login
> and
> > then the page is shown. I want to interpret the request after the login
> and
> > before main.xhtml. I have read different topics and it is not possible
> to
> > implement Filter on j_security_check (not sure for tomcat 5.5+). Is
> there
> > any way to implement on it or there is any alternate that i can
> interpret
> > the request?
> >
> > (security constraint on /faces/secure/*)
> >
> > I have used an alternate
> > index -> faces/secure/redirect.jsp -> login (by tomcat) and then
> > faces/secure/redirect.jsp -> faces/secure/main.xhtml (redirecting to
> this
> > page from redirect page). I implemented the FILTER on redirect.jsp. It
> is
> > invoking but i am not liking the method.
> >
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>


-- 
Muhammad Ali
http://techboard.wordpress.com
Software Engineer - E2ESP
muhammadaliamin(at)gmail(dot)com

Reply via email to