From: Scott M S. <sco...@at...> - 2003-04-03 23:46:43
|
That is not going to work as your going outside of the standard mechanisms for propagating security to the web container. You have to integrate deeply with the web container using a custom valve for example in tomcat. xxxxxxxxxxxxxxxxxxxxxxxx Scott Stark Chief Technology Officer JBoss Group, LLC xxxxxxxxxxxxxxxxxxxxxxxx ----- Original Message ----- From: "Craig Berry" <Cra...@po...> To: <jbo...@li...> Sent: Thursday, April 03, 2003 1:54 PM Subject: RE: [JBoss-user] auth login config file from JSP Again, form-based login works fine with this setup. But if I try to do a login from code in a servlet, like this: LoginContext lc = new LoginContext("userdb", this); lc.login(); (with 'this' providing a callback that gives the special username and password required in this situation), I get no sign of a login failure, and the resulting lc can provide a Subject with the seemingly correct information in it, but nonetheless when I hit a protected servlet after this code has run I get shunted over to my login form as if no authentication had occurred. Please help; I'm tearing my hair out trying to understand this! -- Craig Berry Principal Architect and Technical Manager PortBlue (310) 566-7546 |