2012/6/28 Komáromi, Zoltán <komaromi.zol...@horticosoft.hu>: > 1. Why not a Realm? > Because the authentication depends on session attribute, and I want to > bypass the form if user is logged in.
When I used Tomcat's realm to authenticate users , that was a issue than I missed : to access to session enviroment or context enviroment. I had to try Spring Security because it implements this feature I understand that authentication is a previous step to accessing web application, but , sometimes, it's required to update session enviroment . For example, to forward to a custom error page , with a diferent message error ( "user not found", "user is already logged", etc. ) Some of these things I could solve with filters & temp registers in database, but I don't like it --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
